[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape hole without .Xauthority (fwd)

To: Christian Wettergren <[email protected]>
Subject: Re: Netscape hole without .Xauthority (fwd)
From: [email protected] (Robert Owen Thomas)
Date: Wed, 4 Oct 1995 09:47:25 -0500
Cc: [email protected]
In-Reply-To: Christian Wettergren <[email protected]> "Re: Netscape hole without .Xauthority (fwd)" (Oct 4, 6:04am)
References: <[email protected]>
Sender: [email protected]

good points, Christian!

more and more, networks are becoming flooded with X traffic.  although X
has always been known to be a potential security hole, i think X-attacks
are going to increase dramatically in the coming months.

i commonly hear of sights with Xauthority enabled, only to have the user
community type "xhost +" at the prompt.  bad karma.  the days of pumping
rude & crass noises to someone else's workstation will soon graduate to
more nefarious and insidious attacks.

is anyone looking into a means of securing X (above and beyond the current
weak solutions)?

regards,
--robert
--

o  robert owen thomas: unix consultant. cymro ydw i. user scratching post.  o
o       e-mail: [email protected] --or-- [email protected]        o
o               vox:  708.435.7076   fax:  708.435.7360                     o
o        "When I die, I want to go sleeping like my grandfather...          o
o              Not screaming like the passengers in his car."               o

References:
- Re: Netscape hole without .Xauthority (fwd)
  - From: Christian Wettergren <[email protected]>

Prev by Date: Re: Web "places" and the media monsters
Next by Date: FIZ_zle
Prev by thread: Re: Netscape hole without .Xauthority (fwd)
Next by thread: Re: Netscape hole without .Xauthority (fwd)
Index(es):
- Date
- Thread