[Fwd: Re: X-windows security in Gnome]

Dan Kaminsky dan at doxpara.com
Sat May 18 10:18:05 EST 2002


> What else can possibly be done to integrate SSH and apps? I mean, it
> works, doesn't it?

X could use SSH as the native transport for all non-localhost connections,
actually instantiating ssh sessions on demand.  This has...interesting
security implications.  It can imply an authentication mode that allows
remote display forwarding but not command execution or port forwarding.

Why not SSL?  SSH's auth model is more flexible and useful.  SSL client auth
is...yeah.

X has some issues, though.  Global inter-window keyboard sniffing is in my
mind far and away the largest security issue with X.  Merely by having an
open channel for X traffic to pass, a hostile daemon can sniff my keyboard
activity -- even if I have *no* windows open from that other server.  This
is a huge issue that we've only addressed by removing Default X-Forwarding.

Anyway, certainly more is *possible*.

--Dan
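
An added example, not part of the original message: a check of whether an OpenSSH client configuration would turn X forwarding back on for a given host, which is the exposure the message describes. It assumes the `ForwardX11` client option with first-value-wins resolution and a default of "no"; the function names, the sample configuration and the host names are constructed for illustration.

```python
import fnmatch
import re

# keyword and arguments are separated by whitespace or by "="
LINE = re.compile(r"^(\S+?)(?:\s*=\s*|\s+)(.*)$")

def host_matches(patterns, hostname):
    """A Host line applies if a pattern matches and no negated (!) pattern does."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(hostname, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(hostname, pat):
            matched = True
    return matched

def effective_forward_x11(config_text, hostname):
    """Return (enabled, line_number) for ForwardX11 as resolved for hostname.

    The first value obtained wins; with no value set the default is "no".
    Match blocks are skipped (simplification made for this example).
    """
    active = True  # options before the first Host line apply to every host
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        m = LINE.match(raw.strip())
        if not m or m.group(1).startswith("#"):
            continue
        key, args = m.group(1).lower(), m.group(2).split()
        if key == "host":
            active = host_matches(args, hostname)
        elif key == "match":
            active = False
        elif key == "forwardx11" and active and args:
            return args[0].lower() == "yes", lineno
    return False, None

SAMPLE = """\
# constructed sample client configuration
Host build.example.org
    ForwardX11 no
Host *.example.org !untrusted.example.org
    ForwardX11=yes
Host *
    ForwardX11 yes
"""

if __name__ == "__main__":
    for host in ("build.example.org", "dev.example.org", "untrusted.example.org"):
        print(host, effective_forward_x11(SAMPLE, host))
```

In the sample, the host excluded by the negated pattern still ends up with forwarding enabled through the trailing `Host *` block, so a blanket setting there brings back the default the message says was removed.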





More information about the openssh-unix-dev mailing list