Deutsch   English   Français   Italiano  
<v275m0$23uab$1@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!2.eu.feeder.erje.net!feeder.erje.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Muttley@dastardlyhq.com
Newsgroups: comp.windows.x
Subject: Re: X over ssh is not insecure (was: Re: Wayland Is Coming)
Date: Fri, 17 May 2024 08:49:04 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 25
Message-ID: <v275m0$23uab$1@dont-email.me>
References: <v1f0ja$3ot7f$2@dont-email.me> <v1gf9m$3cc2$1@dont-email.me>
	<v1go2h$5t3j$1@dont-email.me> <v1hkte$ff9u$1@dont-email.me>
	<v1hmbt$fodm$1@dont-email.me> <v1hudh$hgfo$1@dont-email.me>
	<v1hv91$hlvf$3@dont-email.me> <v1i0o0$i1cj$1@dont-email.me>
	<v1jg3l$t2ec$1@dont-email.me> <v1km3j$18kt3$1@dont-email.me>
	<v1m57b$1iq5v$14@dont-email.me> <v1nbvl$1urm9$1@dont-email.me>
	<v1p3pp$2ake7$8@dont-email.me> <v1pvgk$2kmug$1@dont-email.me>
	<v1r99u$2vljb$1@dont-email.me> <v1shb1$3bksp$1@dont-email.me>
	<v1snne$3d0as$2@dont-email.me> <slrnv43r0m.2kacj.jcb@high.jcbradfield.org>
	<v20mfh$dgso$1@dont-email.me> <v21nc1$o322$1@dont-email.me>
	<v22o06$ticm$2@dont-email.me>
 <v272jk$23abr$2@dont-email.me>
Injection-Date: Fri, 17 May 2024 10:49:04 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="034205c0ff264c313f521d2ea221a170";
	logging-data="2226507"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18XVSXgi8sQJEm/vqgk4F7y"
Cancel-Lock: sha1:bKA5BxshkClftw+UOnbx7vHiN4U=
Bytes: 2303

On Fri, 17 May 2024 07:56:36 -0000 (UTC)
Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
>On Wed, 15 May 2024 16:31:02 -0000 (UTC), vallor wrote:
>
>> Lawrence doesn't seem to understand ~/.Xauthority ...
>> 
>> ssh does though -- if you forward an X connection through ssh,
>> it will manage the necessary .Xauthority entries with xauth(1).
>
>And hopefully it manages to clean that up as well, when you drop the 
>connection.
>
>> This completely invalidates the "X over ssh is insecure" argument.
>
>It does take an awful lot of pieces, working together correctly, to ensure 
>this, doesn’t it?

Have you heard of the Unix way?

>Wayland is somewhat simpler than this.

I'm sure thats what Poettering thought about init scripts when he created 
systemd. Turns out - not so much.