Incoming from Uwe Brauer: > On 23 Apr 2004, [EMAIL PROTECTED] wrote: > > > On Fri, 23 Apr 2004, Uwe Brauer wrote: > > > >> On 22 Apr 2004, [EMAIL PROTECTED] wrote: > >> > >> However I wonder, why does xhost + 127.0.0.1:0.0 not work anymore, > >> if there is a change in the default behavior where has it been > >> announced. > > > > Debian configured the X such that it doesn't listen to any TCP > > connection by default for security reason. > > well, it worked in woody. My question remains where has it been > announced.
Usenet: comp.os.linux.security, and others. > Security: now in order to use an X-application which I can use only as > another user, I have to do > xhost + xhost +localhost # IFF you must! > Which is surely *very* insecure!!! > As a matter of fact I don't like it at all. > So is there any way to reactivate the old (woody) configuration which > is for _this_ purpose more *secure* Better, use xauth: xauth list # if you already have keys, skip next xauth generate . # perform if you have no auth file xauth nextract username.xa $DISPLAY # should be the only step needed. Now login to the other machine/account. export DISPLAY=$REMOTE_HOSTIP:0.0 xauth nmerge ~username/username.xa -- Any technology distinguishable from magic is insufficiently advanced. (*) http://www.spots.ab.ca/~keeling - -
