ssh X forwarding change in FC3
Kyrre Ness Sjobak
kyrre at solution-forge.net
Mon Jan 10 17:31:25 UTC 2005
Hmm? i haven't seen any problems with it, and i have used SSH (with X)
from anything from a mac to fc3 and fc2 computers, to fc3 and fc2
computers. Never any problem. Only thing worth mention is that the mac
and fc2 didn't understand the -Y flag, it just said it wasn't a real
flag. So we stuck to X, and everything worked. From fc3 we also needed
-Y, and then copy/paste would work. No problem whatsoever.
fre, 07.01.2005 kl. 19.48 skrev Havoc Pennington:
> Hi,
>
> The openssh change is totally broken, because none of the clients people
> use work with "trusted X" and they could not reasonably be modified to
> do so, without an effort on the scale of SELinux or even larger. The
> fact that the X server even supports "trusted X" is probably total
> nonsense.
>
> So, anyone who claims that "trusted X" is more secure is basically
> making a "concrete blocks not connected to the Internet are secure"
> argument.
>
> Maybe people who only run xterms would find the new ssh default useful,
> but even they presumably like to cut and paste...
>
> I don't know why the default is something that we know is useless and
> doesn't work.
>
> Havoc
>
More information about the fedora-devel-list
mailing list