ForwardX11Trusted

Damien Miller djm at mindrot.org
Wed Mar 10 07:57:19 EST 2004


On Tue, 9 Mar 2004, Colin Watson wrote:

> Since packaging OpenSSH 3.8p1 for Debian, I've got a flood of bug
> reports and confusion about the new untrusted X client configuration.
> 
> At least part of this seems to be the short (2 minutes!) timeout on the
> cookie, so that if you're impatient like me and open a connection to a
> machine that takes a little while to do the key exchange, go off and do
> something in another window in the meantime, and then come back when
> it's finished, you may well find that the untrusted cookie's expired in
> the meantime. This seems a bit excessive.

Markus is looking at this.

> Would anyone think I was crazy for defaulting to ForwardX11Trusted in
> our OpenSSH package for a while until this becomes more mature? At least
> then we don't regress.

Some of the maturing needs to happen in the X11 server libraries,
toolkits and applications as well.

The X11 server libraries have a fixed, but very coarse, security policy
for what actions an untrusted connection can perform. The toolkits and
applications need to stop blindly assuming that every action is possible.

-d
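To see which hosts a Debian-style `ForwardX11Trusted yes` default actually reaches, here is an added audit helper (not code from the thread or from OpenSSH) that evaluates ssh_config first-match semantics for a host and reports whether X11 forwarding would be trusted or untrusted. It assumes fnmatch-style Host pattern matching and the upstream defaults (ForwardX11 no, ForwardX11Trusted no); the config text is constructed for the example.

```python
import fnmatch

# Constructed ssh_config in the style of the default under discussion (not a
# file from the thread): one host is explicitly untrusted, the catch-all
# block turns ForwardX11Trusted on for everything else.
SAMPLE_CONFIG = """\
Host build.example.org
    ForwardX11Trusted no
Host *
    ForwardX11 yes
    ForwardX11Trusted yes
"""

def parse_ssh_config(text):
    blocks = [(["*"], {})]           # options before any Host line apply to all
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.replace("=", " ", 1).split(None, 1)
        key, value = parts[0].lower(), (parts[1].strip() if len(parts) > 1 else "")
        if key == "host":
            blocks.append((value.split(), {}))
        else:
            blocks[-1][1].setdefault(key, value)   # first value in a block wins
    return blocks

def host_matches(host, patterns):
    """Host-line semantics: any pattern may match, a leading '!' vetoes."""
    matched = False
    for pat in patterns:
        neg = pat.startswith("!")
        if fnmatch.fnmatchcase(host, pat.lstrip("!")):
            if neg:
                return False
            matched = True
    return matched

def effective_option(text, host, option):
    """First matching block that sets the option wins, as in ssh_config(5)."""
    for patterns, opts in parse_ssh_config(text):
        if host_matches(host, patterns) and option.lower() in opts:
            return opts[option.lower()]
    return None   # not set anywhere: ssh falls back to its compiled-in default

def x11_trust_audit(text, host):
    """Classify X11 forwarding for host; assumes upstream defaults of 'no'."""
    fwd = (effective_option(text, host, "ForwardX11") or "no").lower()
    trusted = (effective_option(text, host, "ForwardX11Trusted") or "no").lower()
    if fwd != "yes":
        return "off"
    return "trusted" if trusted == "yes" else "untrusted"
```

A result of "trusted" means remote clients get the full cookie and none of the coarse untrusted-connection policy the server libraries enforce applies.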