Date: Tue, 29 Aug 2000 23:44:51 -0700 From: "Crist J . Clark" <cjclark@reflexnet.net> To: freebsd-security@freebsd.org Subject: Disabling xhost(1) Access Control Message-ID: <20000829234451.G62475@149.211.6.64.reflexcom.com>
next in thread | raw e-mail | index | archive | help
I want users to use user-level X access controls, that is, xauth(1) and the magic cookies. I do NOT want people using xhost(1) access controls. FreeBSD's XFree86 (unlike so many other X dists) defaults to enabling xauth. The problem is, it does not prevent lusers from still doing things like put 'xhost +' in their .login and defeating the system. (Grrrr...) I've been searching and cannot find a way to disable xhost(1) level access. And I mean disabling as in defaulting to everything locked out as opposed to defaulting to wide open. If a user were to 'xhost +' it would not open things up. Is there such a way to do this (aside 'rm /usr/bin/xhost' and setting all user writable filesystems noexec)? This is for xdm(1) setups and not necessarily xinit(1). -- Crist J. Clark cjclark@alum.mit.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000829234451.G62475>