Karsten M. Self said: >> #export DISPLAY=localhost:0.0 >> $xhost +localhost > > Very bad idea. This opens your X session to any user. If you're using a > truly brain-dead configuration, this means any host which can see yours on > the network can read or write your X connection.
I don't understand why this is bad.. I mean xhost + is usually a bad idea but xhost +some_address should restrict it to that one address. of course if you have multiple users on the same machine it's a bad idea, my systems are generally single user(at least systems with X). but I still have to resort to using xhost +some_address for systems that don't have ssh(it can be a real bitch to get ssh working on some platforms(strictly non-linux/bsd speaking). my former employer makes a popular commercial X server/thin client solution, and at least at one point(not sure if they fixed it) the system ran by default without any access controls(xhost +), though the X server did not listen for TCP connections so you had to be on the same machine in order to do anything. I was really suprised when they said that, they acted like it wasn't anything bad :/ especially since the software was used on thin clients, usually multiple users logged in at once. I don't think customers ever noticed/complained even. nate -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
