After all the talk about X security, including me saying how xconns could be souped up to be reasonably useful, I decided to _do_ something instead of just talk. I now have a program that behaves superfically like xconns, but with some significant differences: - It uses RFC931 to display usernames, when the client host supports RFC931. - It allows the user to freeze (and unfreeze) connections, or kill them, independent of the client, and very importantly independent of the server. The KillClient request can be used to forcibly disconnect a client from the server, but only if the client has created a resource, which (for example) neither xkey nor xcrowbar does. - It monitors the connection, and if it sees certain dubious requests (currently configurable only by hacking on the source), it pops up a little menu with which the user can allow the request, have it replaced with a NoOperation request, or kill the connection. The dubious requests are, at present, requests to change the host access list, requests to enable or disable access control, and ChangeWindowAttributes requests operating on non-root windows not created by the same client. There is much that it doesn't do but perhaps should. More operations should be considered "dubious" (eg, DestroyWindow on others' windows) and it would be nice to be able to configure access control and levels of trust somehow. Consider this proof-of-concept, if you will. :-) This program is up for anonymous ftp from collatz.mcrcim.mcgill.edu, in /X/xc.c (please ask for xc.c.gz if you have gunzip - be kind to my poor netlink). There is currently no documentation aside from what I've written above; once I get some written I'll drop it in as xc.doc. der Mouse mouse@collatz.mcrcim.mcgill.edu