X11 forwarding over SSH - yet another loop-hole ?

Anand Srinivasan anandhsrini at gmail.com
Tue Feb 13 04:44:10 EST 2007


Hi,

I'm not sure if this is the right place to post this but I recently noticed
something strange with X11 forwarding over SSH. I was running X11 on my Mac
(OS X Server 10.4.8) and had two separate SSH sessions open to two different
Linux boxes (I used the -Y flag). I started Firefox on the first box and
then subsequently started Firefox on the second box. But instead of starting
a new process on the second box a new process was spawned on the first box -
I ran top to verify this and there was no Firefox process running on the
second box, while there were two on the first ! I tried this a bunch of
times and still the same thing happened. I believe this is a security
loop-hole in the X11 forwarding over SSH. I've also tested this on a Windows
box using putty and Xming(or any other  X windows client) and still the same
result. I would like to know if this problem has been addressed before and
if so what is the solution to this. I have also tried connecting to the
Linux boxes using the SSH -X flag and still the same result. Does this mean
that -X is not really that secure when compared to -Y ?

If this not the right place to post this do let me know and I'll send this
question else where.

Thanks,

Anand


More information about the openssh-unix-dev mailing list