Hi,
I have a question about using Xvfb securely on a multi-user system. We
are currently using xorg-x11-server-Xvfb-1.10.4-6.el6.x86_64. Our main
reason for using Xvfb is to accommodate one of our users, whose
scientific computing software requires an X server for some reason.
My concern is that if the non-privileged user runs the following: `Xvfb
:1 -screen 0 800x600x24+1`
Any user on the system is able to export DISPLAY=:1 and run programs
that connect to his dummy X server. I'm aware of auth file and xhost
mechanisms for access control, but I was wondering how I can have Xvfb
restrict connections strictly to the user, by default.
In other words: How can I prevent an uninformed user from using the Xvfb
defaults and opening X to the world?
Thanks,
Billy Wilson
_______________________________________________
[email protected]: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: http://lists.x.org/mailman/listinfo/xorg
Your subscription address: %(user_address)s
