Is it securely: `hostname`:10 ?

[Andre Lucas]

Nigel Metheringham wrote:
> 
> djm at mindrot.org said:
> > IIRC some broken Unices (references?) autodetect localhost:xx
> > $DISPLAYs and starting using shared memory to communicate.
> This certainly happens on Linux/XFree - I think it actually uses a
> local socket rather than shmem, but the communication method is not the
> same as for other IP addresses.
 
HPUX uses shmem.

> To make life more complicated, a machine that gets its IP address from
> DHCP or similar may have an entry in hosts for its machine name but
> with 127.0.0.1 (saves rewriting hosts on each address acquisition).
> 
> It would be good if openssh could handle this brokenness effectively.

You could add '--with-ipaddr-display' to your configure options to get
DISPLAY in the form '192.168.1.1:10'. However, if the host returns
127.0.0.1 as the first address from gethostbyname(hostname) then this
might not work as expected. If, as has been said, some hosts use an
AF_UNIX socket whenever they detect the loopback address, this still
won't work.

I started making changes to this code to check for the loopback address
in the list of addresses returned by gethostbyname(). However, I'm not
sure how this would work with IPv6 (I've not really coded anything for
v6 yet, and I don't have an IPv6 box to test it on at work) so I
stopped. All I think needs done is, instead of just memcpy()ing
h_addr_list[0] as the IP address, take the first address that isn't
127.0.0.1, or use that address as the last resort if no others are
available.

-Andre