Re: Xwindows security?
Timothy Newsham (newsham@aloha.net)
Wed, 11 Jan 1995 10:41:18 -1000 (HST)
> I had an idea a while back but no time to implement it. Perhaps some of you
> would like to rip it to shreds in front of me and tell my why it stinks of
> dead fish.
>
> I'd like to add a new authentication mechanism to X which uses Ident (TAP,
> RFC-931 etc), to check that a user is permitted. e.g. a server is given a
> list of allowed user/machine pairs by a program like xhost:
rfc1413.txt:
The Identification Protocol is not intended as an authorization or
access control protocol. At best, it provides some additional
auditing information with respect to TCP connections. At worst, it
can provide misleading, incorrect, or maliciously incorrect
information.
> Ident is not supposed to be used for authentication I hear people shout.
> However, X connections should really only be made from machines you trust as
> otherwise anyone with root access can steal the cookie or pretend to be that
> user anyway. I.e. using Ident for this is no worse than admitting that you
> must trust the remote host is ok anyway.
People will still allow connections from machines which are outside
of the administrative domain of the X server.
> As far as I can see in my simple minded way I can't see any attacks on this
> which wouldn't also be possible using any other X authentication technique.
how about a penalty for having to run identd? (blech!)
> It might be possible to run a proxy-authenticator on a known trusted machine
> for all old Xterminals (adds delay and pain I know). Forcing people to run an
> Ident server might cause problems for some types of system.
it might also start people to start wretching uncontrollably :)
> -- Jon