end-user whines about 2.10

knowtree at aloha.com knowtree at aloha.com
Thu Mar 31 09:57:01 PST 2005


> From: Randy Bush <randy at psg.com>
> Subject: Re: end-user whines about 2.10 

I used to use ssh to do that and it worked really well. From the ssh man page:

=-=-=-=-=
 X11 and TCP forwarding
If the ForwardX11 variable is set to ``yes'' (or, see the description of
the -X and -x options described later) and the user is using X11 (the
DISPLAY environment variable is set), the connection to the X11 display
is automatically forwarded to the remote side in such a way that any X11
programs started from the shell (or command) will go through the
encrypted channel, and the connection to the real X server will be made
from the local machine.  The user should not manually set DISPLAY.  For-
warding of X11 connections can be configured on the command line or in
configuration files.  Take note that X11 forwarding can represent a secu-
rity hazard.
=-=-=-=-=

I believe the security issue is that if you allow your remote system to
attach to your local X display, other systems can, too. Anyone else care to
comment on that?

Gary Dunn
knowtree at aloha.com
Honolulu




More information about the freebsd-gnome mailing list