Re: Hostile X servers

[perry () piermont com (Perry E. Metzger)]

Zygo Blaxell writes:
> For those of us who've been paying attention for the last six months,
> this can be no surprise.  However, this makes me think of other X-related
> attacks.

There are dozens of X attacks. My generic way to stop them these days
is to compile the X server without TCP support. Yes, this still makes
users vulnerable to others logging in to their workstation, but it
does totally eliminate the threat of others on the network hitting
them. It does perhaps reduce functionality somewhat, but you can get
it back with things like ssh to provide tunnels for applications...

Perry