1. Forum
  2. Usenet
  3. COMP.WINDOWS.X

  • X over ssh is not insecure (was: Re: Wayland Is Coming)

    From vallor@21:1/5 to Muttley@dastardlyhq.com on Wed May 15 16:31:02 2024
    On Wed, 15 May 2024 07:14:09 -0000 (UTC), Muttley@dastardlyhq.com wrote in <v21nc1$o322$1@dont-email.me>:

    On Tue, 14 May 2024 21:52:49 -0000 (UTC)
    Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
    On Mon, 13 May 2024 10:31:50 +0000 (UTC), Julian Bradfield wrote:

    The socket is usually called /tmp/.X11-unix/Xn for display n.

    The socket *has* to be called X«n», and be located in /tmp/.X11-unix/.

    In one post you're claiming X doesn't use unix sockets, now you're an
    expert on what the permissions should be.

    Which is a world-writable directory. You see the problem?

    Its not a problem , its part of the design.

    The Wayland socket goes in $XDG_RUNTIME_DIR, which is a variable under
    the control of the user. It usually points to /run/user/«userid». Which >>belongs to that specific user.

    Very useful if a process running under another user id wants to connect.

    Lawrence doesn't seem to understand ~/.Xauthority ...

    ssh does though -- if you forward an X connection through ssh,
    it will manage the necessary .Xauthority entries with xauth(1).

    This completely invalidates the "X over ssh is insecure" argument.

    export DISPLAY=:0.0 # This uses a Unix socket.

    Not even root can run X clients on the display server, if it
    doesn't have the necessary .Xauthority entry. Protip:

    # ll /root/.Xauthority
    lrwxrwxrwx 1 root root 23 Oct 12 2023 /root/.Xauthority -> /home/ xxx/.Xauthority

    I can't see using Wayland until remote connection forwarding is
    handled. If there is something that gets access to Wayland via
    a Unix socket, then I could see ssh being changed to add Wayland
    connection forwarding.

    --
    -v

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Lawrence D'Oliveiro@21:1/5 to vallor on Fri May 17 07:56:36 2024
    On Wed, 15 May 2024 16:31:02 -0000 (UTC), vallor wrote:

    Lawrence doesn't seem to understand ~/.Xauthority ...

    ssh does though -- if you forward an X connection through ssh,
    it will manage the necessary .Xauthority entries with xauth(1).

    And hopefully it manages to clean that up as well, when you drop the connection.

    This completely invalidates the "X over ssh is insecure" argument.

    It does take an awful lot of pieces, working together correctly, to ensure this, doesn’t it?

    Wayland is somewhat simpler than this.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Muttley@dastardlyhq.com@21:1/5 to Lawrence D'Oliveiro on Fri May 17 08:49:04 2024
    On Fri, 17 May 2024 07:56:36 -0000 (UTC)
    Lawrence D'Oliveiro <ldo@nz.invalid> wrote:
    On Wed, 15 May 2024 16:31:02 -0000 (UTC), vallor wrote:

    Lawrence doesn't seem to understand ~/.Xauthority ...

    ssh does though -- if you forward an X connection through ssh,
    it will manage the necessary .Xauthority entries with xauth(1).

    And hopefully it manages to clean that up as well, when you drop the >connection.

    This completely invalidates the "X over ssh is insecure" argument.

    It does take an awful lot of pieces, working together correctly, to ensure >this, doesn’t it?

    Have you heard of the Unix way?

    Wayland is somewhat simpler than this.

    I'm sure thats what Poettering thought about init scripts when he created systemd. Turns out - not so much.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)