From: GT (gt_at_syndicus.org)
Date: Sun 02 Nov 2003 - 15:48:30 GMT

• Previous message: Jerker Nyberg: "Re: [Vserver] X security"
• In reply to: Jerker Nyberg: "Re: [Vserver] X security"
• Next in thread: Paul Sladen: "Re: [Vserver] X security"

Hello,

that are definetly some approaches I wasn't aware of!

Actually, the untrusted xauthority was what I was looking for. Except of course what you've already pointed out: many applications do not support untrusted xauths or do not run as expected. Even xeyes cannot set its transparent background.

I believe in security through simplicity. That's what I like about vserver: It's simple; except the handling of the notorious loopback-device, of course.

But running applications under Xnest or Xvnc seems to add a little overhead. ssh-programmers also thought about using Xnest to ensure X11-forwarning security, but finally said Xnest was too insecure and not simple enough for the average user.

Thanks,
gt
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver

• Previous message: Jerker Nyberg: "Re: [Vserver] X security"
• In reply to: Jerker Nyberg: "Re: [Vserver] X security"
• Next in thread: Paul Sladen: "Re: [Vserver] X security"