warren at etr-usa.com
Mon Dec 30 22:26:57 UTC 2013
On 12/28/2013 08:09, Eero Volotinen wrote:
> xhost + is very dangerous way to do that as it allows all clients to
> connect to display(s)
"Dangerous" depends on your local trust model.
Back when I was new to Unix -- a couple of decades ago, before
widespread firewalls and such -- we tended to trust LAN users
implicitly. That level of trust allowed some nice features that we've
had to give up in this more hostile modern world.
There once was a fun program you could run on a lab full of X Window
terminals or workstations that would march an Energizer Bunny from one
screen to the next, along the bottom edge of the screen. Can't do that
kind of thing now, thanks to security killjoys and the bad actors that
create jobs for them.
Two decades later, we're contemplating encrypting everything to the Nth
degree purely because there is so much mistrust -- and good reason for
that mistrust -- in the world.
This is an improvement?
More information about the CentOS