From owner-freebsd-security  Fri Jul 10 16:37:07 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id QAA13868
          for freebsd-security-outgoing; Fri, 10 Jul 1998 16:37:07 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from relay.acadiau.ca (relay.acadiau.ca [131.162.2.90])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA13856
          for <security@freebsd.org>; Fri, 10 Jul 1998 16:36:58 -0700 (PDT)
          (envelope-from 026809r@dragon.acadiau.ca)
Received: from dragon.acadiau.ca (dragon [131.162.1.79])
	by relay.acadiau.ca (8.8.5/8.8.5) with SMTP id UAA23104;
	Fri, 10 Jul 1998 20:36:54 -0300 (ADT)
Received: by dragon.acadiau.ca 
	id UAA08298; Fri, 10 Jul 1998 20:36:52 -0300
From: 026809r@dragon.acadiau.ca (Michael Richards)
Message-Id: <199807102336.UAA08298@dragon.acadiau.ca>
Subject: Re: RootRunner (admin GUI w/o security holes?)
To: jehamby@manta.jpl.nasa.gov (Jake Hamby)
Date: Fri, 10 Jul 1998 20:36:51 -0300 (ADT)
Cc: security@FreeBSD.ORG
In-Reply-To: <Pine.GSO.3.96.980710141343.3715A-100000@manta> from "Jake Hamby" at Jul 10, 98 02:14:46 pm
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Anyway, in order to administer a UNIX system, you typically need root
> privileges.  Yet it's a Bad Idea to run X as root.  Looking at other GUI
> admin tools, I've seen two basic approaches.  First, many require the user

Why not just use ssh to forward your root x connections via an encrypted
connection. All of your problems go away. You are even secure from network
sniffers because the entire data stream is encrypted.

-Mike

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message