[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape hole without .Xauthority (fwd)

good points, Christian!

more and more, networks are becoming flooded with X traffic.  although X
has always been known to be a potential security hole, i think X-attacks
are going to increase dramatically in the coming months.

i commonly hear of sights with Xauthority enabled, only to have the user
community type "xhost +" at the prompt.  bad karma.  the days of pumping
rude & crass noises to someone else's workstation will soon graduate to
more nefarious and insidious attacks.

is anyone looking into a means of securing X (above and beyond the current
weak solutions)?


o  robert owen thomas: unix consultant. cymro ydw i. user scratching post.  o
o       e-mail: [email protected] --or-- [email protected]        o
o               vox:  708.435.7076   fax:  708.435.7360                     o
o        "When I die, I want to go sleeping like my grandfather...          o
o              Not screaming like the passengers in his car."               o