Date: Wed, 30 Aug 2000 15:14:46 +0200 (MET DST) From: Per Kristian Hove <perhov+/dev/null@math.ntnu.no> To: Johan Danielsson <joda@pdc.kth.se> Cc: cjclark@alum.mit.edu, freebsd-security@FreeBSD.ORG Subject: Re: Disabling xhost(1) Access Control Message-ID: <Pine.GS4.4.21.0008301504230.29108-100000@martens.math.ntnu.no> In-Reply-To: <xof8ztfm3y3.fsf@blubb.pdc.kth.se>
next in thread | previous in thread | raw e-mail | index | archive | help
[Johan Danielsson] | If you want to do that there are at least two places you have to | change the behaviour in programs/Xserver/os/access.c: | | * for the `xhost +' case change ChangeAccessControl(), to only succeed | for the enable case (paranoid people use `xhost -' routinely). | | * for `xhost +host' change AddHost() to your liking (ifdef out | FamilyInternet). If you're paranoid, you should also change the default behaviour of InvalidHost() [also in access.c] to return 1 instead of 0 if AccessEnabled isn't set [if you're running with `xhost +', that is]. This is where the access check actually takes place. -- Per Kristian Hove Principal engineer Dept. of Mathematical Sciences Norwegian University of Science and Technology To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GS4.4.21.0008301504230.29108-100000>