Re: Urgent - Potential security hole.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Nov 01, 2004 at 02:50:59PM -0500, Nalin Dahyabhai wrote:
> On Sat, Oct 30, 2004 at 11:06:13AM -0600, Michal Jaegermann wrote:
> > 
> > There is another problem, though. 'man ssh' says:
> > 
> >    X11 and TCP forwarding
> >      If the ForwardX11 variable is set to "yes" ...
 ...
> > and not a peep about some '-Y'.

> The short-and-probably-inadequate explanation is that untrusted clients
> can only interact/mess with other untrusted clients, the idea being that
> you have clients which might misbehave, and those that you trust to not.

What I can guess, rightly or wrongly, is another story. :-)  I just
pointed out that the current documentation for 'ssh' is somewhat, ah,
inadequte and even a bit misleading.  An explicit reference to other
sources you quote would undoubtely help; as also a word or two about
'-Y' in a subsection entitled "X11 and TCP forwarding".  I am also
not sure if I see right away an example when '-X' option would
be really useful with this version of ssh.  Maybe I do not have
a setup where I can see that?

   Michal


[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]