Re: xhost +
Re: xhost +
Don MacQueen wrote:
> If you _must_ use the xhost + command, try to limit it to just the
> remote machines you use. Try putting it in your .xinitrc file, if you
> have one,
If you *must* do "xhost +", please place it in .xinitrc. It is much
better than:
> or maybe one of your shell startup scripts, such as .login,
> .tcshrc, .cshrc, or whichever variation you're using.
Please don't do this. Putting it in .login, .tcshrc, or .cshrc is a bad
idea. That means that "xhost +" is executed every time you start a new
shell. Say you logged onto your machine through ssh from a co-worker's
machine. In this case, you would be executing the "xhost +" with the
DISPLAY pointed at your co-worker's machine. This is undesirable. You want
it to only execute once, at X11 startup. The correct location for these
types of settings is in the .xinitrc file.
(I have never seen a case where someone needs to do an "xhost +". If you
really want to do access control like this, I would suggest doing "xhost
machine1name machine2name ..." instead. It's much more secure than doing
"xhost +".
If you are still unconvinced about how bad "xhost +" is, you should know
that there are simple programs floating around the net that will capture
every single keystroke you type into any window. If you "xhost +", you are
telling your computer that you are willing to let anyone on the entire
Internet read these keystrokes.
You have been warned! :-)
-Sean
__
email@hidden
_______________________________________________
x11-users mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/x11-users
X11 for Mac OS X FAQ: http://developer.apple.com/qa/qa2001/qa1232.html
Report issues, request features, feedback: http://developer.apple.com/bugreporter
Do not post admin requests to the list. They will be ignored.
| References: | |
| | >xhost + (From: Steve Roach <email@hidden>) |
| | >Re: xhost + (From: Don MacQueen <email@hidden>) |