[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: ssh X forwarding change in FC3



David Kewley wrote:
P draigBrady com wrote on Thursday 06 January 2005 09:47:

Essentially what this means is that most X applications will
break if forwarded back to a FC3 system with default config.
Now it wouldn't be so bad if they just wouldn't work.
They break in subtle ways usually related to mouse events.
This is just silly IMHO and will cause no end of hassles
for users trying to figure out what's going on and
also be a waste of time for developers of those X apps
who will receive bogus bug reports.

So can we change the upstream default back to what it used to be?

It's not just silly -- it reduces the size of a security hole. If X apps can be fixed to deal with running as an untrusted X client, then they should be fixed. If a given X app can't be run untrusted, I don't know what to suggest.

Well it was the failure mode I was describing as silly. It seems to be most apps in my experience that have the problem, so perhaps it would be appropriate/possible at the toolkit level (in the gtk init routines for e.g.) to determine:

if (remote && untrusted)
   exit with a reasonable error message

--
Pádraig Brady - http://www.pixelbeat.org
--


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]