From owner-freebsd-stable Fri Feb 16 15:35:59 2001 Delivered-To: freebsd-stable@freebsd.org Received: from moek.pir.net (moek.pir.net [130.64.1.215]) by hub.freebsd.org (Postfix) with ESMTP id E4E9C37B491 for ; Fri, 16 Feb 2001 15:35:56 -0800 (PST) Received: from pir by moek.pir.net with local (Exim) id 14TuPr-0004ZE-00 for freebsd-stable@FreeBSD.ORG; Fri, 16 Feb 2001 18:35:55 -0500 Date: Fri, 16 Feb 2001 18:35:55 -0500 From: Peter Radcliffe To: FreeBSD Stable Subject: Re: openssh not setting DISPLAY Message-ID: <20010216183555.K9583@pir.net> Reply-To: stable@freebsd.org Mail-Followup-To: FreeBSD Stable References: <20010216152317.A97818@mollari.cthul.hu> <33610000.982366319@pyanfar.ece.cmu.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i In-Reply-To: <33610000.982366319@pyanfar.ece.cmu.edu>; from allbery@ece.cmu.edu on Fri, Feb 16, 2001 at 06:31:59PM -0500 X-fish: < X-Copy-On-Listmail: Please do NOT Cc: me on list mail. Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG "Brandon S. Allbery KF8NH" probably said: > That's interesting, since the sshd manpage from openssh says: > > Note that disabling X11 forwarding does not improve secu­ > rity in any way, as users can always install their own for­ > warders. That is talking about the whole system security for, say, a multiuser system. If the sysadmin disables X11 forwarding then a user can do their own forwarding, but they have to _deliberately_ turn it on. So they are both true, but they're talking about different situations. P. -- pir pir@pir.net pir@net.tufts.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message