Netscape hole without .Xauthority (fwd)
Robert Owen Thomas
rthomas at pamd.cig.mot.com
Wed Oct 4 07:50:54 PDT 1995
good points, Christian!
more and more, networks are becoming flooded with X traffic. although X
has always been known to be a potential security hole, i think X-attacks
are going to increase dramatically in the coming months.
i commonly hear of sights with Xauthority enabled, only to have the user
community type "xhost +" at the prompt. bad karma. the days of pumping
rude & crass noises to someone else's workstation will soon graduate to
more nefarious and insidious attacks.
is anyone looking into a means of securing X (above and beyond the current
weak solutions)?
regards,
--robert
--
o robert owen thomas: unix consultant. cymro ydw i. user scratching post. o
o e-mail: Robert.Thomas at pamd.cig.mot.com --or-- robt at cymru.com o
o vox: 708.435.7076 fax: 708.435.7360 o
o "When I die, I want to go sleeping like my grandfather... o
o Not screaming like the passengers in his car." o
More information about the cypherpunks-legacy
mailing list