|
|
|
|
|
|
by antisol
921 days ago
|
|
|
There are real security issues with X. For example, there's not really much of a permissions system on the X protocol, which is why X tends to be configured to either deny everything but localhost or not listen on TCP at all by default. When you allow a host to use your X display, you allow that host a crazy level of control over your system. IIUC you can do all kinds of nasty stuff with it, like getting info about other applications/windows and i think even arbitrary drawing on the screen (i.e over those other windows). You can also do stuff like snoop mouse movement and keyboard presses (i.e keylogger), and not just in your own application. As I understand, it's really pretty nasty and insecure to allow an untrusted remote machine to use your X server. It's not a good situation. Weyland's solution does, admittedly, close this class of security issues very effectively - by just not being a remote protocol at all. |
|
|