On Tue, 2008-04-08 at 01:08 +0300, Timo Lindfors wrote: > Mark Seaborn <[EMAIL PROTECTED]> writes: > > X11 access is not quite innocuous. :-) X is a big can of worms that > > will require a lot of work to make safe. [2] > > Indeed. I today noticed that even with 'ssh -X' remote host can log > everything I type: > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=474785
By default "ssh -X" doesn't use the XSecurity extension on Debian or Ubuntu. See "ForwardX11Trusted" on the ssh_config man page. I think they disabled this by default because it breaks enough X applications to be a problem. If I remember correctly, it breaks Gtk's pop-up menus. There is an explanation of why this breaks on http://plash.beasts.org/wiki/X11SecurityRequirements. -- Mark Seaborn Software Engineer Cmed Technology Ltd. Registered in England and Wales No. 3869835 Registered Office and Address for Communication: Holmwood, Broadlands Business Campus, Langhurstwood Road, Horsham, RH12 4QP, United Kingdom E [EMAIL PROTECTED] W www.cmedresearch.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
