Am Samstag, 11. Februar 2006 23:45 schrieb Guillaume Laurent:
> On Saturday 11 February 2006 14:39, Ivor Hewitt wrote:
> > On Saturday 11 February 2006 12:15, Dave Feustel wrote:
> > > 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding
> > > =A0Logging into another machine can compromise your desktop...

> >
> > " If someone on the server can read your ~/.Xauthority file (hopefully =

only
> > root, but if you have bad file permissions you're in trouble),"
> >
> > I'm sorry, thats just too stupid to be worth commenting on.

> =


> There's this gem, too : "any time you SSH to another machine, that machin=

e's =

> administrators could attack you".
> =


> Thanks for the laugh, anyway.




Why do you think this is funny? =


It's old news, it's *not* an exploit of a programming error =

and it's not exactly on-topic for this list. =

But it's a potential insecurity that follows from the design of X11, =

ssh and the UNIX user privilege system. It's very unpleasant.

I think people should be aware of these issues. The recommendation
near the end of the article is good common sense: =

"So, when should you enable X11 forwarding? =

Only when you really really need to, and only to machines which you trust."


Christian. =



=

>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscrib=

e <<