On Mon, 25 Apr 2022, Bob Friesenhahn wrote:
This maps to using the option ForwardX11Trusted=yes.
According to the Debian ssh manual page:
(Debian-specific: X11 forwarding is not subjected to X11
SECURITY extension restrictions by default, because too
many programs currently crash in this mode. Set the
ForwardX11Trusted option to “no” to restore the upstream
behaviour. This may change in future depending on client-
side improvements.)
So it appears that Debian added a customization for this case.
I quoted the wrong paragraph (I used the one for -X). This is the
paragraph which was added to the Debian manual page for -Y:
(Debian-specific: In the default configuration, this option
is equivalent to -X, since ForwardX11Trusted defaults to
“yes” as described above. Set the ForwardX11Trusted option
to “no” to restore the upstream behaviour. This may change
in future depending on client-side improvements.)
Regardless, it seems that OpenIndiana could include the same default
customization that Debian added. It seems that this customization was
added while building OpenSSH rather than by editing a config file.
Bob
--
Bob Friesenhahn
bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/
GraphicsMagick Maintainer, http://www.GraphicsMagick.org/
Public Key, http://www.simplesystems.org/users/bfriesen/public-key.txt
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
https://openindiana.org/mailman/listinfo/openindiana-discuss
