David selby <[EMAIL PROTECTED]> writes:You are right I *REALLY* don't want to do this ! I never realised how much access I was allowing ... thanks for the tip.
I can enable other users to log into my x server with xhost +, I need
to do this because I want ro run a program via user web crontab which
uses xmessage.
Uh, there's no better solution at all? With the default Debian settings, the X server doesn't listen on a TCP port anyways, and so xhost is pretty useless. 'xhost +' makes it possible for ANY USER ANYWHERE IN THE WORLD to access your X server, spy on your keystrokes, capture passwords you type into xterms, that sort of thing: you *really* don't want to do it.
Idealy I would like only root user to be able to access my x server
... (less users who can access it, more secure ... rule of thumb) so I
tried ...
...having some way for the cron job to figure out who the user logged into :0.0 is, and setting the XAUTHORITY environment variable to /home/$THATUSER/.Xauthority before running the job.
You might read the Remote-X-Apps mini-HOWTO, which discusses X security controls in some detail.
'xhost +' makes it possible for ANY USER ANYWHERE IN THE WORLD to access your X server, spy on your keystrokes, capture passwords you type into xterms, that sort of thing: you *really* don't want to do it
I will investigate the mini howto ...
Thanks Dave
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
