Les Mikesell said:
On Wed, 2005-04-06 at 15:48, William Hooper wrote:
There are probably at least a dozen people somewhere that might understand that paragraph, but I'm not one of them. What's the difference between a trusted and untrusted cookie, and why do I need to care now? (I think this relates to when -X works from the client and when -Y is necessary, but maybe not...).
As "man ssh_config" states "See the X11 SECURITY extension specification for full details on the restrictions imposed on untrusted clients." This is really an option that SSH passes to xauth.
Thanks, but you still lost me at 'untrusted'. What makes a client trusted or not?
As it pertains to SSH, 'untrusted' is anything you forward with "ForwardX11Trusted no".
If it's left up to me to decide, why would I run an untrusted one at all?
You don't trust the admin of the server you are SSHing into.