What risk is X11Forward to a server?
Dave Dykstra
dwd at bell-labs.com
Fri Oct 26 05:46:17 EST 2001
On Thu, Oct 25, 2001 at 02:23:57PM -0500, Dave Dykstra wrote:
> I agree that X11 forwarding on the server is not a problem; the problem is
> that a secure client can be put at risk from an insecure server. If you're
> accessing a secure server from an insecure client you've got worse problems
> and X11 forwarding won't add any risk to the server.
>
> Why, then, doesn't OpenSSH set X11Forward=yes by default on the server?
I'm sorry that I hadn't yet gotten to the other thread that brought up the
same question. Markus said it has been discussed before, I guess I'll
search the archives.
- Dave Dykstra
More information about the openssh-unix-dev
mailing list