Date: Thu, 24 Feb 2000 18:36:50 -0800 From: tom brown <tomb@cgf.net> To: "A. Rakukin" <rakukin@mail.ru> Cc: freebsd-questions@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: X authorization Message-ID: <38B5EAC2.5063CC6@cgf.net> References: <E12O4Et-0001Zs-00@f4.mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
"A. Rakukin" wrote: > Hi to all, > > Would be grateful for help or explanation. I used to think that by default > nobody can run anything on my display. But now I revealed that it is enough > to export DISPLAY on remote host to access my xserver. 'xhost' on the server > (that has been accessed) says that > > access control enabled, only authorized clients can connect > > and nothing more. What is the possible source of the problem? > I have not customized any authorization mechanisms... > I run FreeBSD 3.4. > > Thank you, > Alex > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message If you are realy bothered by this you could apply IPFW filters to ports between 6000-6100 to prevent any connection to the X system. I think that there is also a kerberos token based scheme of athentication. I've never used it but details are at : http://www.xfree86.org If you want to know more about the vunerabilites of X: http://packetstorm.securify.com/opensec-exploits/exploits/netapps/x-win/ Tom Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?38B5EAC2.5063CC6>