Re: [Plash] Re: [cap-talk] Plash: Empowering Security

plash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Plash] Re: [cap-talk] Plash: Empowering Security

From:	Timo Lindfors
Subject:	Re: [Plash] Re: [cap-talk] Plash: Empowering Security
Date:	Thu, 10 Apr 2008 11:37:15 +0300
User-agent:	Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)

Hi,

Mark Seaborn <address@hidden> writes:
> By default "ssh -X" doesn't use the XSecurity extension on Debian or
> Ubuntu.  See "ForwardX11Trusted" on the ssh_config man page.  I think

Now, that was an interesting observation! I can see it in the man page
now that I specifically look for it but I am certain I have read it
many times without paying attention to this difference in the past. In
fact, when I asked even the most security-aware debian-using friends
they too did not know that on a fresh debian box the "secure" way to
run X11 programs from university machines requires quite a lot of
typing:

ssh -o'ForwardX11Trusted no' -X remote.example.com

best regards,
Timo Lindfors

[Prev in Thread]

Current Thread

[Next in Thread]

[Plash] Re: [cap-talk] Plash: Empowering Security, Mark Seaborn, 2008/04/07
- Re: [Plash] Re: [cap-talk] Plash: Empowering Security, Timo Lindfors, 2008/04/07
  - Re: [Plash] Re: [cap-talk] Plash: Empowering Security, Mark Seaborn, 2008/04/08
    - Re: [Plash] Re: [cap-talk] Plash: Empowering Security, Timo Lindfors <=

Prev by Date: [Plash] Example has too many ='s
Next by Date: Re: [Plash] Example has too many ='s
Previous by thread: Re: [Plash] Re: [cap-talk] Plash: Empowering Security
Next by thread: [Plash] example evince.pkg file
Index(es):
- Date
- Thread