kdesu? 8.10
Thorny
thorntreehome at gmail.com
Sat Oct 11 16:58:09 UTC 2008
On Fri, 10 Oct 2008 09:19:21 +0200, Dotan Cohen wrote:
> 2008/10/10 Martin Laberge <mlsoft at videotron.ca>:
>> for sure you read the man page, and ajust to your liking, when come
>> security.
>>
>>
> I haven't, and I usually RTFM before doing anything. Really, if I am
> typical of users on this list, then I know just enough to be dangerous. I
> did know about xhost +, but I did not know that it is dangerous. And I've
> been using linux for about five years, and we erased every other OS in the
> house over three years ago!
>
Well, I'm sure you do grok how the command as presented could present a
security risk on a multi-user server but do go on to RTFM. It isn't
necessary to use the command that way and globally allow all other users
to use X. The command will take the *name* argument so you have a bit
better control of who has the X access. Generally I think using this is
aimed at workstations that usually have only user at a time. The last time
I used it I used xhost + localhost and since I was sitting in front of the
workstation's only console and remote login was disabled, I was fairly
sure I would notice if someone reached over my shoulder to use the
keyboard. However, I can't properly call myself a security expert, I could
be missing something critical. If I am I know we will hear about it soon
enough.
More information about the kubuntu-users
mailing list