From owner-freebsd-security Thu Feb 24 0:45:54 2000 Delivered-To: freebsd-security@freebsd.org Received: from hydrant.intranova.net (hydrant.intranova.net [209.201.95.10]) by hub.freebsd.org (Postfix) with SMTP id 2D0B737BCB9 for ; Thu, 24 Feb 2000 00:45:50 -0800 (PST) (envelope-from oogali@intranova.net) Received: (qmail 3043 invoked from network); 23 Feb 2000 23:57:57 -0000 Received: from localhost (user50972@127.0.0.1) by hydrant.intranova.net with SMTP; 23 Feb 2000 23:57:57 -0000 Date: Wed, 23 Feb 2000 18:57:56 -0500 (EST) From: Omachonu Ogali To: Bengt Richter Cc: freebsd-security@FreeBSD.ORG Subject: Re: NG report of "Security hole in GNOME" In-Reply-To: <3.0.5.32.20000223150439.008f5ab0@mail.accessone.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org That's completely untrue. .ICEauthority has been around for a while and if you peek at it you'll see it contains authentication information for the X server, sort of like an xhost (I think). Do man iceauth to read on it more, and do us a favor and relay this back to the newsgroup... On Wed, 23 Feb 2000, Bengt Richter wrote: > The following appeared on comp.unix.bsd.freebsd.misc: > Any details? > ------------------ > FreeBSD users should be aware that the stable ports of GNOME > will install a spy file named .ICEauthority and information > about your system will be transmitted every time a GNOME function > is invoked. > > > -- +-------------------------------------------------------------------------+ | Omachonu Ogali oogali@intranova.net | | Intranova Networking Group http://tribune.intranova.net | | PGP Key ID: 0xBFE60839 | | PGP Fingerprint: C8 51 14 FD 2A 87 53 D1 E3 AA 12 12 01 93 BD 34 | +-------------------------------------------------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message