[Bug 803] Security Bug: X11 Forwarding is more powerful than it needs to be.

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sat Feb 28 14:38:13 EST 2004


------- Additional Comments From holger at van-lengerich.de  2004-02-28 14:38 -------
Ups. There is more I might tell:

The newly generated cookie is only used by the ssh client. So it will be very
soon invalidated if no other processes use this cookie. Perhaps if implemented a
new cookie should be obtained for every new X request or a timeout, which is
large enough may be associated with the cookie.

The first line "xauth extract ... | xauth -f .Xssh xauthority" is not necessary.
'xauth' is able to create a new Xauthority file right away. Originally I though
xauth needs a valid cookie to get a new one, but this wasn't the case. 

Securing X before ssh with X11 forwarding is done in 2 commands:

xauth -f $HOME/.sshXauthority generate $DISPLAY . untrusted timeout 3600 
export XAUTHORITY=$HOME/.sshXauthority

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-bugs mailing list