Deutsch English Français Italiano |
<v275m0$23uab$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!2.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Muttley@dastardlyhq.com Newsgroups: comp.windows.x Subject: Re: X over ssh is not insecure (was: Re: Wayland Is Coming) Date: Fri, 17 May 2024 08:49:04 -0000 (UTC) Organization: A noiseless patient Spider Lines: 25 Message-ID: <v275m0$23uab$1@dont-email.me> References: <v1f0ja$3ot7f$2@dont-email.me> <v1gf9m$3cc2$1@dont-email.me> <v1go2h$5t3j$1@dont-email.me> <v1hkte$ff9u$1@dont-email.me> <v1hmbt$fodm$1@dont-email.me> <v1hudh$hgfo$1@dont-email.me> <v1hv91$hlvf$3@dont-email.me> <v1i0o0$i1cj$1@dont-email.me> <v1jg3l$t2ec$1@dont-email.me> <v1km3j$18kt3$1@dont-email.me> <v1m57b$1iq5v$14@dont-email.me> <v1nbvl$1urm9$1@dont-email.me> <v1p3pp$2ake7$8@dont-email.me> <v1pvgk$2kmug$1@dont-email.me> <v1r99u$2vljb$1@dont-email.me> <v1shb1$3bksp$1@dont-email.me> <v1snne$3d0as$2@dont-email.me> <slrnv43r0m.2kacj.jcb@high.jcbradfield.org> <v20mfh$dgso$1@dont-email.me> <v21nc1$o322$1@dont-email.me> <v22o06$ticm$2@dont-email.me> <v272jk$23abr$2@dont-email.me> Injection-Date: Fri, 17 May 2024 10:49:04 +0200 (CEST) Injection-Info: dont-email.me; posting-host="034205c0ff264c313f521d2ea221a170"; logging-data="2226507"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18XVSXgi8sQJEm/vqgk4F7y" Cancel-Lock: sha1:bKA5BxshkClftw+UOnbx7vHiN4U= Bytes: 2303 On Fri, 17 May 2024 07:56:36 -0000 (UTC) Lawrence D'Oliveiro <ldo@nz.invalid> wrote: >On Wed, 15 May 2024 16:31:02 -0000 (UTC), vallor wrote: > >> Lawrence doesn't seem to understand ~/.Xauthority ... >> >> ssh does though -- if you forward an X connection through ssh, >> it will manage the necessary .Xauthority entries with xauth(1). > >And hopefully it manages to clean that up as well, when you drop the >connection. > >> This completely invalidates the "X over ssh is insecure" argument. > >It does take an awful lot of pieces, working together correctly, to ensure >this, doesn’t it? Have you heard of the Unix way? >Wayland is somewhat simpler than this. I'm sure thats what Poettering thought about init scripts when he created systemd. Turns out - not so much.