From owner-freebsd-security Tue Jul 6 10:50:47 1999
Delivered-To: freebsd-security@freebsd.org
Received: from trooper.velocet.ca (trooper.velocet.net [209.167.225.226])
	by hub.freebsd.org (Postfix) with ESMTP id 3C88C14D33
	for ; Tue, 6 Jul 1999 10:50:40 -0700 (PDT)
	(envelope-from dgilbert@trooper.velocet.ca)
Received: (from dgilbert@localhost)
	by trooper.velocet.ca (8.8.7/8.8.7) id NAA09797;
	Tue, 6 Jul 1999 13:50:36 -0400 (EDT)
From: David Gilbert
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14210.16875.956392.173972@trooper.velocet.ca>
Date: Tue, 6 Jul 1999 13:50:35 -0400 (EDT)
To: Robert Watson
Cc: "Vladimir Mencl, MK, susSED" , security@FreeBSD.ORG
Subject: Re: X security (was Re: X and SSH)
In-Reply-To:
References:
X-Mailer: VM 6.71 under 20.4 "Emerald" XEmacs Lucid
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>>>>> "Robert" == Robert Watson writes:

Robert> On Sat, 26 Jun 1999, Vladimir Mencl, MK, susSED wrote:
>> On Sat, 26 Jun 1999, Robert Watson wrote:
>>
>> ...
>>
>> > > I personally like to run incoming tunneled X sessions from
>> under-trusted > hosts in Xnest, but maybe that's just me... :-)
>>
>> Does it give more security?

Robert> I have not inspected Xnest source, so it might be worth doing
Robert> sometime. My suspicion is it actually renders the virtual
Robert> display as a bitmap. Probably a better alternative would be
Robert> to write an X proxy that speaks the X protocol and prevents
Robert> unfortunate things from happening (grabs, xinput capture,
Robert> etc?), perhaps one that spoke to a window manager with
Robert> security extensions to allow you to take advantage of
Robert> knowledge of window behavior.

You might be better off starting with the dxpc source, then, as that
code is already optimized to do just that. The X proxy in ssh also
does some xauth translation (where the X proxy in dxpc just transfers
it as given).

Dave.

-- 
============================================================================
|David Gilbert, Velocet Communications.       | Two things can only be     |
|Mail:       dgilbert@velocet.net             | equal if and only if they  |
|http://www.velocet.net/~dgilbert             | are precisely opposite.    |
=========================================================GLO================
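
The filtering step such an X proxy would perform on the client-to-server stream, as an added example that is not part of the original message and is not code from dxpc, ssh or Xnest. The function name, the policy (report every core grab, neutralise only GrabServer) and the sample bytes are assumptions made for illustration; the opcode numbers are those of the core X11 protocol.

```python
import struct

# Core X11 request opcodes that establish grabs (values from the X11 protocol spec).
GRAB_OPCODES = {26: "GrabPointer", 28: "GrabButton", 31: "GrabKeyboard",
                33: "GrabKey", 36: "GrabServer"}
GRAB_SERVER, NO_OPERATION = 36, 127

def pad4(n):
    return (n + 3) & ~3

def filter_client_stream(stream):
    """Return (rewritten_stream, findings) for a client-to-server byte stream.

    findings lists (offset, request_name) for every core grab request.
    GrabServer has no reply, so it is overwritten with NoOperation, which keeps
    the implicit sequence numbers aligned; grabs that expect a reply are only
    reported. XInput grabs are extension requests and are not decoded here.
    """
    order = {0x42: ">", 0x6C: "<"}.get(stream[0]) if len(stream) >= 12 else None
    if order is None:
        raise ValueError("not an X11 connection setup")
    name_len, data_len = struct.unpack_from(order + "HH", stream, 6)
    off = 12 + pad4(name_len) + pad4(data_len)    # skip setup header and auth fields
    out, findings = bytearray(stream), []
    while off + 4 <= len(stream):
        opcode = stream[off]
        (units,) = struct.unpack_from(order + "H", stream, off + 2)
        if units == 0 and off + 8 <= len(stream):  # BIG-REQUESTS extended length
            (units,) = struct.unpack_from(order + "I", stream, off + 4)
        if units == 0 or off + 4 * units > len(stream):
            break                                  # malformed or incomplete request
        if opcode in GRAB_OPCODES:
            findings.append((off, GRAB_OPCODES[opcode]))
            if opcode == GRAB_SERVER:
                out[off] = NO_OPERATION
        off += 4 * units
    return bytes(out), findings

# Constructed sample: little-endian setup with no auth data, then MapWindow,
# GrabServer and GrabKeyboard requests for a made-up window id.
SAMPLE = (b"l\0" + struct.pack("<HHHHH", 11, 0, 0, 0, 0)
          + struct.pack("<BBHI", 8, 0, 2, 0x400001)
          + struct.pack("<BBH", 36, 0, 1)
          + struct.pack("<BBHIIBBH", 31, 0, 4, 0x400001, 0, 1, 1, 0))

if __name__ == "__main__":
    print(filter_client_stream(SAMPLE)[1])
```

Denying GrabPointer or GrabKeyboard would additionally require the proxy to synthesise the reply the client is waiting for, which is why this example only reports them.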