Groups | Search | Server Info | Login | Register
Groups > comp.windows.x > #546
| From | vallor <vallor@cultnix.org> |
|---|---|
| Newsgroups | comp.windows.x |
| Subject | X over ssh is not insecure (was: Re: Wayland Is Coming) |
| Date | 2024-05-15 16:31 +0000 |
| Organization | A noiseless patient Spider |
| Message-ID | <v22o06$ticm$2@dont-email.me> (permalink) |
| References | (15 earlier) <v1shb1$3bksp$1@dont-email.me> <v1snne$3d0as$2@dont-email.me> <slrnv43r0m.2kacj.jcb@high.jcbradfield.org> <v20mfh$dgso$1@dont-email.me> <v21nc1$o322$1@dont-email.me> |
On Wed, 15 May 2024 07:14:09 -0000 (UTC), Muttley@dastardlyhq.com wrote in <v21nc1$o322$1@dont-email.me>: > On Tue, 14 May 2024 21:52:49 -0000 (UTC) > Lawrence D'Oliveiro <ldo@nz.invalid> wrote: >>On Mon, 13 May 2024 10:31:50 +0000 (UTC), Julian Bradfield wrote: >> >>> The socket is usually called /tmp/.X11-unix/Xn for display n. >> >>The socket *has* to be called X«n», and be located in /tmp/.X11-unix/. > > In one post you're claiming X doesn't use unix sockets, now you're an > expert on what the permissions should be. > >>Which is a world-writable directory. You see the problem? > > Its not a problem , its part of the design. > >>The Wayland socket goes in $XDG_RUNTIME_DIR, which is a variable under >>the control of the user. It usually points to /run/user/«userid». Which >>belongs to that specific user. > > Very useful if a process running under another user id wants to connect. Lawrence doesn't seem to understand ~/.Xauthority ... ssh does though -- if you forward an X connection through ssh, it will manage the necessary .Xauthority entries with xauth(1). This completely invalidates the "X over ssh is insecure" argument. export DISPLAY=:0.0 # This uses a Unix socket. Not even root can run X clients on the display server, if it doesn't have the necessary .Xauthority entry. Protip: # ll /root/.Xauthority lrwxrwxrwx 1 root root 23 Oct 12 2023 /root/.Xauthority -> /home/ xxx/.Xauthority I can't see using Wayland until remote connection forwarding is handled. If there is something that gets access to Wayland via a Unix socket, then I could see ssh being changed to add Wayland connection forwarding. -- -v
Back to comp.windows.x | Previous | Next — Previous in thread | Next in thread | Find similar
Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-08 04:55 +0000
Re: Wayland Is Coming gazelle@shell.xmission.com (Kenny McCormack) - 2024-05-08 12:03 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-08 14:01 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-08 20:44 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-09 07:35 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-09 07:49 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-09 05:20 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-09 07:39 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-09 07:50 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-09 08:19 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-09 21:45 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-10 08:34 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-12 02:23 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-12 08:48 +0000
Re: Wayland Is Coming Zach Metzinger <please@ask.me.invalid> - 2024-05-12 14:08 -0500
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-12 20:42 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-12 20:42 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-13 08:05 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-14 00:49 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-14 07:39 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-17 07:55 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-17 08:48 +0000
Re: Wayland Is Coming Eli the Bearded <*@eli.users.panix.com> - 2024-05-12 22:09 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-13 08:09 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-13 09:45 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-13 11:03 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-13 22:59 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-14 07:37 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-15 05:55 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-15 07:18 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-24 03:40 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-24 08:51 +0000
Re: Wayland Is Coming Marco Moock <mm+usenet-es@dorfdsl.de> - 2024-05-08 20:12 +0200
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-08 20:41 +0000
Re: Wayland Is Coming Marco Moock <mm+usenet-es@dorfdsl.de> - 2024-05-09 06:54 +0200
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-09 05:18 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-09 07:36 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-09 07:50 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-09 08:16 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-09 21:44 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-10 08:32 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-10 21:56 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-11 08:58 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-12 00:51 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-12 08:44 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-12 20:37 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-13 08:00 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-13 09:49 +0000
Re: Wayland Is Coming Julian Bradfield <jcb@inf.ed.ac.uk> - 2024-05-13 10:31 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-14 21:52 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-15 07:14 +0000
X over ssh is not insecure (was: Re: Wayland Is Coming) vallor <vallor@cultnix.org> - 2024-05-15 16:31 +0000
Re: X over ssh is not insecure (was: Re: Wayland Is Coming) Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-17 07:56 +0000
Re: X over ssh is not insecure (was: Re: Wayland Is Coming) Muttley@dastardlyhq.com - 2024-05-17 08:49 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-13 11:08 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-13 22:58 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-14 07:36 +0000
Re: Wayland Is Coming Marco Moock <mm+usenet-es@dorfdsl.de> - 2024-05-09 10:30 +0200
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-09 08:36 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-09 21:50 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-10 08:35 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-10 21:57 +0000
Re: Wayland Is Coming Javier <invalid@invalid.invalid> - 2024-05-10 00:38 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-10 01:05 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-10 08:37 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-10 21:56 +0000
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-11 08:52 +0000
Re: Wayland Is Coming Zach Metzinger <please@ask.me.invalid> - 2024-05-10 11:11 -0500
Re: Wayland Is Coming Marco Moock <mm+usenet-es@dorfdsl.de> - 2024-05-10 21:32 +0200
Re: Wayland Is Coming Zach Metzinger <please@ask.me.invalid> - 2024-05-10 15:56 -0500
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-10 21:55 +0000
Re: Wayland Is Coming Marco Moock <mm+usenet-es@dorfdsl.de> - 2024-05-11 10:13 +0200
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-10 21:54 +0000
Re: Wayland Is Coming Alastair Hogge <agh@riseup.net> - 2024-05-11 02:18 +0000
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-11 03:25 +0000
Re: Wayland Is Coming Winston <wbe@UBEBLOCK.psr.com.invalid> - 2024-05-11 00:10 -0400
Re: Wayland Is Coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-11 05:40 +0000
Re: Wayland Is Coming Alastair Hogge <agh@riseup.net> - 2024-05-12 02:32 +0000
Re: Wayland Is Coming Zach Metzinger <ask.me@nowhere.invalid> - 2024-05-11 09:43 -0500
Re: Wayland Is Coming Muttley@dastardlyhq.com - 2024-05-11 14:51 +0000
Re: Wayland is coming Ivan Shmakov <ivan@siamics.netREMOVE.invalid> - 2024-05-11 10:25 +0000
Re: Wayland is coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-12 00:57 +0000
Re: Wayland is coming Sebastian Wells <sebastian@here.com.invalid> - 2024-05-25 09:47 +0000
Re: Wayland is coming Muttley@dastardlyhq.com - 2024-05-25 10:10 +0000
Re: Wayland is coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-25 22:39 +0000
Re: Wayland is coming Sebastian Wells <sebastian@here.com.invalid> - 2024-05-26 09:21 +0000
Re: Wayland is coming Lawrence D'Oliveiro <ldo@nz.invalid> - 2024-05-26 20:59 +0000
Re: Wayland is coming Muttley@dastardlyhq.com - 2024-05-27 10:16 +0000
Re: Wayland is coming Muttley@dastardlyhq.com - 2024-05-27 10:17 +0000
csiph-web