[comp.windows.x] Making a display secure?

uk1@sirius.rice.edu (Paul A. Scowen) (03/20/91)

Hi,

I have a short question.  Is it possible to make a display on a machine secure
to input from other users on the same machine?  This is of course rather against the whole philosophy of being able to display anything anywhere, but we're
having probelms with certain users who start up software like Mongo, with it
configured for sunview ('cos of a 3/50 on the network belonging to a prof who can't/won't get into X) and that wipes out the screen on :0.  

Thanks all.

|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|
-                                                         __________          -
|       Paul A. Scowen                                   / ___  ___ \         |
-       Department of Space Physics and Astronomy       / / @ \/ @ \ \        -
|       Rice University, Houston TX 77251               \ \___/\___/ /\       |
-       (713) 527-8101 x2433, x3534                      \____\/____/||       -
|                                                        /     /\\\\\//       |
-       Internet:       uk1@spacsun.rice.edu             |     |\\\\\\        -
|                       scowen@vega.rice.edu              \      \\\\\\       |
-                                                          \______/\\\\       -
|       Span:           RICE::SCOWEN                        _||_||_           |
-                                                            -- --            -
|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|-|

mouse@lightning.mcrcim.mcgill.EDU (der Mouse) (03/20/91)

> I have a short question.  Is it possible to make a display on a
> machine secure to input from other users on the same machine?

In X terms, yes, or at least as secure as your server supports.
(Typically proof against accident and casual attempts, but not against
a reasonably motivated person with some crypto-knowledge.)

> This is of course rather against the whole philosophy of being able
> to display anything anywhere, but we're having probelms with certain
> users who start up software like Mongo, with it configured for
> sunview ('cos of a 3/50 on the network belonging to a prof who
> can't/won't get into X) and that wipes out the screen on :0.

This sounds as though the offending user is starting SunView, which
starts arguing with X over who owns the framebuffer/mouse/keyboard.
(Starting a SunView application without SunView running just produces
an error message, doesn't it?)

If so, this is out of the realm of X and straight into operating system
arbitration of access to the hardware.

Since you talk about sunview and a 3/50, I assume you are using Suns.

What I would probably do is remove SunView support on all machines
except that -3/50 you mentioned, probably by deleting the relevant
binaries.  You also might be able to get away with deleting /dev/win*,
though I don't know whether that is sufficient.  (They are not needed
for X.)

					der Mouse

			old: mcgill-vision!mouse
			new: mouse@larry.mcrcim.mcgill.edu