Benjamin Fried wrote: >Xhost actually has one advantage, of a sort, over xauth: users of xhost >can grant access, and later take that access away. You want to be very careful in assuming that because you type 'xhost -' that your vulnerability goes away. All clients (like xkey) started when the authority was off are still connected and are potentially dangerous. Additionally, clients (like xcrowbar) can be started when no authority is in place that turns off the authority mechanisms altogether, thus making the 'xhost -' a moot point. -- William McVey Instructional Labs Administrator Department of Computer Science Purdue University