Bugtraq mailing list archives
Re: Xwindows security?
From: mccoy () io com (Jim McCoy)
Date: Wed, 11 Jan 1995 13:58:13 -0600 (CST)
From: Jon Peatfield <J.S.Peatfield () amtp cam ac uk>
[...]
I'd like to add a new authentication mechanism to X which uses Ident (TAP, RFC-931 etc), to check that a user is permitted. e.g. a server is given a list of allowed user/machine pairs by a program like xhost: [which it checks using ident for incoming connections...]
This pretty much reduces down to the same problem that xhost has. I have several program that will fake my ident ID to be whatever I want it to be. The advantge of xauth over xhost is that it requires possession of a discrete piece of information which, in theory, cannot be easily faked. If I have physical access the host I can change my username, run an ident faker, or otherwise compromise any security mechanism which relies upon the remote machine to provide the authentication. You allow for a bit more granularity in access control in a trusted (and trusting) environment, but if you already have this level of trust xhost is good enough anyway because all you really need to do is prevent someone from accidentally popping up a window on your display... jim
Current thread:
- Re: Xwindows security?, (continued)
- Re: Xwindows security? Jon Peatfield (Jan 10)
- Re: Xwindows security? Rens Troost (Jan 11)
- Re: Xwindows security? Jon Peatfield (Jan 11)
- Re: Xwindows security? Rens Troost (Jan 11)
- Re: Xwindows security? Jon Peatfield (Jan 11)
- xcrowbar William McVey (Jan 11)
- xcrowbar der Mouse (Jan 11)
- Re: Xwindows security? Dave Kinchlea (Jan 11)
- Re: Xwindows security? Adam Shostack (Jan 11)
- Re: Xwindows security? Darren Reed (Jan 11)
- Re: Xwindows security? Jim McCoy (Jan 11)
- Re: Xwindows security? Julian Assange (Jan 13)
- Re: Xwindows security? Timothy Newsham (Jan 11)
- about /usr/etc/chill *Hobbit* (Jan 11)
- mountd keeps vanishing (!) Eric Berggren (Jan 11)
- Re: mountd keeps vanishing (!) Eric Kimminau (Jan 12)
- Re: mountd keeps vanishing (!) Karl Strickland (Jan 12)
- Re: mountd keeps vanishing (!) Pete Shipley (Jan 14)
- X Window System security Stephen Gildea (Jan 11)
- Re: Xwindows security? Benjamin Fried (Jan 10)