Quoting Michael Wenk ([EMAIL PROTECTED]): > Hmm, I was just about to say... :-) > > Yes the others will work, xhost tho, IMO is the fastest and requires the > least effort. And I agree that xhost + is not a good way to go, in fact, > you may want to go a bit further and do an xhost +root@localhost > > I forget if xhost assumes wildcards, but why take chances, if you're > explicit, then you lessen the risk.
For what it's worth, the xhost manpage says that the name following the "+" may be either a hostname or a username. Prior to reading your post attentively _and_ reading the manpage, I had been mislead by a recent thread on debian-security where one of the regulars swore up and down that (quoting) "xhost is _host_ based access control, so of course xhost +username doesn't work!" You can see posts from that thread at http://linuxmafia.com/~rick/linux-info/root-with-x11 , where your post is now immortalised at the end. And here, all these years, I've been eschewing xhost as a hopeless security risk. Well, I learned something today. -- Cheers, Right to keep and bear Rick Moen Haiku shall not be abridged [EMAIL PROTECTED] Or denied. So there. _______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech
