Amos Shapira wrote: > On 07/12/2007, Karanbir Singh <mail-lists at karan.org> wrote: >> I am not doubting that -X will mostly work, but perhaps we should be >> promoting the idea of -Y a bit more. > > I'm totally with you about promoting security, but I got the > impression it's the other way around and -X is the more secure one: > > -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not > subjected to the X11 SECURITY extension controls. -X is "more secure" in the sense that almost nothing works with it if trusted forwarding is turned off by default as in the more recent openssh packages. I still don't have much of a clue what trusted vs. untrusted forwarding actually means, though. -- Les Mikesell lesmikesell at gmail.com