Hello, that are definetly some approaches I wasn't aware of!
Actually, the untrusted xauthority was what I was looking for. Except of course what you've already pointed out: many applications do not support untrusted xauths or do not run as expected. Even xeyes cannot set its transparent background. I believe in security through simplicity. That's what I like about vserver: It's simple; except the handling of the notorious loopback-device, of course. But running applications under Xnest or Xvnc seems to add a little overhead. ssh-programmers also thought about using Xnest to ensure X11-forwarning security, but finally said Xnest was too insecure and not simple enough for the average user. Thanks, gt _______________________________________________ Vserver mailing list [EMAIL PROTECTED] http://list.linux-vserver.org/mailman/listinfo/vserver
