[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Plash] Re: [cap-talk] Plash: Empowering Security

From: Timo Lindfors
Subject: Re: [Plash] Re: [cap-talk] Plash: Empowering Security
Date: Thu, 10 Apr 2008 11:37:15 +0300
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)


Mark Seaborn <address@hidden> writes:
> By default "ssh -X" doesn't use the XSecurity extension on Debian or
> Ubuntu.  See "ForwardX11Trusted" on the ssh_config man page.  I think

Now, that was an interesting observation! I can see it in the man page
now that I specifically look for it but I am certain I have read it
many times without paying attention to this difference in the past. In
fact, when I asked even the most security-aware debian-using friends
they too did not know that on a fresh debian box the "secure" way to
run X11 programs from university machines requires quite a lot of

ssh -o'ForwardX11Trusted no' -X

best regards,
Timo Lindfors

reply via email to

[Prev in Thread] Current Thread [Next in Thread]