Is it securely: `hostname`:10 ?

Markus Friedl markus.friedl at
Thu Mar 2 22:42:19 EST 2000

On Thu, Mar 02, 2000 at 09:09:38PM +1100, Damien Miller wrote:
> IIRC some broken Unices (references?) autodetect localhost:xx
> $DISPLAYs and starting using shared memory to communicate.

the X lib is buggy:

>From: per at (Per Hedeland)
>Subject: Re: X forwarding works w/ some progs, not others
>Date: 16 Dec 1999 11:24:29 GMT
>Organization: Ericsson Utvecklings AB, Stockholm, Sweden
>Lines: 64
>Sender: per at aalborg (Per Hedeland)
>Message-ID: <83ai5d$65p$1 at>
>References: <Pine.LNX.4.10.9912151933080.818-100000 at localhost.localdomain> <83abh4$mif$1 at>
>NNTP-Posting-User: per
>X-Newsreader: xrn 9.01

In article <83abh4$mif$1 at>,
 pjb1008 at (Peter Benie) writes:
>In article <Pine.LNX.4.10.9912151933080.818-100000 at localhost.localdomain>,
>Steven A. Richman <on at> wrote:
>>Programs that work include: emacs, xv, xcalc, x3270, xfontsel, xbiff,
>>acroread, xgremlin, xman, and xedit.
>>Programs that don't work include: xterm, xemacs, gv, netscape, xlogo,
>>xmag, xdvi... and most others.
>Another problem is that some X libraries are too clever and spot local
>displays and force the use of the UDP sockets in /tmp. Are some of your
>programs linked with different versions of the X libraries? If they are,
>check how the X client is trying to make the connection to the X server by
>running the client under strace. 

This is almost certainly the case (and has been mentioned a couple of
times before here - they aren't UDP sockets though). Recent versions of
Xlib from (at least the one in X11R6.4) have an extremely
brain-dead "optimization" that does just this - totally disregarding the
fact that the semantics of DISPLAY=<hostname>:<display>[.<screen>] have
always been "use TCP", while you'd leave out the <hostname> part to
request connection via Unix domain socket / named pipe.

Steven wrote that sshd/X-client was on Solaris 7, I haven't tried it
there but the Xlib that ships with Solaris 2.6 while X11R6-based does
*not* have this problem - however if you've also installed the version
from you get precisely this kind of mixed behaviour depending on
how the different clients were built (might even be dependant on
LD_LIBRARY_PATH etc settings at runtime).

Below is the patch I applied to my X11R6.4 installation to just get rid
of this nonsense - as libX11 is shared you "just" need to rebuild and
re-install it to fix all the broken clients in one sweep. (Unless you
have multiple broken versions installed, that is...:-) A workaround
would be to change the DISPLAY setting to use <IP-address>:x.y instead
of <hostname>:x.y - actually you can even get sshd to do that for you,
if you #define NONSTANDARD_IP_ADDRESS_X11_KLUDGE in config.h and
rebuild - not sure if that works in the old 1.2.22 though.

--Per Hedeland
per at

--- X11R6.4/xc/lib/X11/ConnDis.c.ORIG	Fri Feb  6 23:12:07 1998
+++ X11R6.4/xc/lib/X11/ConnDis.c	Thu Oct 15 12:43:15 1998
@@ -177,6 +177,11 @@
     p = lastc;
+/* This is broken - no reason to assume there is anyone listening on
+   the named pipe or whatever just because it is listening on the TCP
+   socket. Plus it's broken even if that were true due to strncmp
+   potentially matching a substring of the display-hostname.  /Per H */
+#if 0
     /* check if phostname == localnodename */
     if (phostname && uname(&sys) >= 0 &&
@@ -185,6 +190,7 @@
 	Xfree (phostname);
 	phostname = copystring ("unix", 4);

More information about the openssh-unix-dev mailing list