Bugtraq mailing list archives

X security, again


From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Tue, 17 Jan 1995 14:31:00 -0500


After all the talk about X security, including me saying how xconns
could be souped up to be reasonably useful, I decided to _do_ something
instead of just talk.

I now have a program that behaves superficially like xconns, but with
some significant differences:

- It uses RFC931 to display usernames, when the client host supports
  RFC931.

- It allows the user to freeze (and unfreeze) connections, or kill
  them, independent of the client, and very importantly independent of
  the server.  The KillClient request can be used to forcibly
  disconnect a client from the server, but only if the client has
  created a resource, which (for example) neither xkey nor xcrowbar
  does.

- It monitors the connection, and if it sees certain dubious requests
  (currently configurable only by hacking on the source), it pops up a
  little menu with which the user can allow the request, have it
  replaced with a NoOperation request, or kill the connection.  The
  dubious requests are, at present, requests to change the host access
  list, requests to enable or disable access control, and
  ChangeWindowAttributes requests operating on non-root windows not
  created by the same client.

There is much that it doesn't do but perhaps should.  More operations
should be considered "dubious" (e.g., DestroyWindow on others' windows)
and it would be nice to be able to configure access control and levels
of trust somehow.  Consider this proof-of-concept, if you will. :-)

This program is up for anonymous ftp from collatz.mcrcim.mcgill.edu, in
/X/xc.c (please ask for xc.c.gz if you have gunzip - be kind to my poor
netlink).  There is currently no documentation aside from what I've
written above; once I get some written I'll drop it in as xc.doc.

                                        der Mouse

                            mouse () collatz mcrcim mcgill edu


