[comp.windows.x] Packet Security Issues.

dgreen@squid.cs.ucla.edu (Dan R. Greening) (09/20/89)

Hi there.  I would like to use some X11-based performance monitoring tools
on an outside machine from within a rather secure network.  We have a gateway 
connected to the NSFnet.  It currently does not allow X11 packets to cross
its threshold.

The security problem is this:  If I use xhost +hostname, *anyone* on the
host "hostname" can start a Trojan horse program which displays on my machine.

This problem would be resolved if I could specify the user in my xhost
command, or better yet if I could specify the user and program name.  I am
curious about two things:

1. Are there plans to include this sort of security in release 4?

2. Are there hooks in the open-window packets of releases 2 and/or 3 which
   would allow the GATEWAY to do some security checking before forwarding the
   packet to the internal host?

If the answer to number 2 is "yes", has anyone implemented such a gateway
program?  Since a number of government and corporate organizations like to
keep their internal networks secure, but would also like to use X11 tools on
external machines, security seems like a worthy goal.

If the answer to number 2 is "no", can anyone give me some hints on how it
could be done, so that I can pass them on to the gateway people?

Thanks in advance.

Dan Greening  dgreen@cs.ucla.edu  NY 914-789-7620 | 308 Westwood Plaza, Box 117
                                  CA 213-825-2266 | Los Angeles, CA 90024-1647

swick@ATHENA.MIT.EDU (Ralph R. Swick) (09/20/89)

> This problem would be resolved if I could specify the user in my xhost
> command, or better yet if I could specify the user and program name.

And what would you propose to tell your server that would
be impossible for an impostor on the network to reproduce?

> 1. Are there plans to include this sort of security in release 4?

Some new features are planned, but nothing that will satisfy
the requirements of true security mavens.

> 2. Are there hooks in the open-window packets of releases 2 and/or 3 which
>    would allow the GATEWAY to do some security checking before forwarding the
>    packet to the internal host?

Dunno what you mean by 'open-window packets', nor do I expect that
you really want to train your gateway about the intricacies of the
X protocol.  There _are_ some hooks in the connection setup
exchange that will allow better distributed authentication tools
(such as are currently being worked on here at Athena) to be
attached.
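The "hooks in the connection setup exchange" Ralph refers to are the authorization-protocol-name and authorization-protocol-data fields in the client's first message to the server. The following is an added example, not code from this thread or from the X Consortium: a Python parser for that setup request and a gateway policy that refuses to forward a connection which presents no authorization protocol at all (the case where the server falls back to xhost-style host access control). The protocol name MIT-MAGIC-COOKIE-1 and the 16-byte cookie are assumptions taken from the later X11R4 mechanism, not from the thread.

```python
import struct

# X11 connection setup request (client -> server), as defined in the core protocol:
#   byte-order ('l' little / 'B' big), 1 pad byte, CARD16 protocol-major,
#   CARD16 protocol-minor, CARD16 n (auth name length), CARD16 d (auth data length),
#   2 pad bytes, then the auth name padded to 4 bytes, then auth data padded to 4.

def _pad4(n):
    return (4 - n % 4) % 4

def build_setup_request(auth_name=b"", auth_data=b"", order=b"l"):
    """Constructed sample setup request; an empty auth_name means 'no authorization'."""
    fmt = "<" if order == b"l" else ">"
    header = order + b"\x00" + struct.pack(fmt + "HHHHxx", 11, 0, len(auth_name), len(auth_data))
    return (header + auth_name + b"\x00" * _pad4(len(auth_name))
            + auth_data + b"\x00" * _pad4(len(auth_data)))

def parse_setup_request(buf):
    """Decode the fixed header and the two variable-length authorization fields."""
    if len(buf) < 12 or buf[0:1] not in (b"l", b"B"):
        raise ValueError("not an X11 connection setup request")
    fmt = "<" if buf[0:1] == b"l" else ">"
    major, minor, n, d = struct.unpack(fmt + "HHHHxx", buf[2:12])
    off = 12
    name = buf[off:off + n]
    off += n + _pad4(n)
    data = buf[off:off + d]
    if len(name) != n or len(data) != d:
        raise ValueError("truncated setup request")
    return {"major": major, "minor": minor,
            "auth_name": name.decode("ascii", "replace"), "auth_data": data}

def gateway_policy(buf, allowed=("MIT-MAGIC-COOKIE-1",)):
    """Decide whether a gateway should forward this setup request: (forward, reason)."""
    try:
        req = parse_setup_request(buf)
    except ValueError as err:
        return False, str(err)
    if req["auth_name"] == "":
        return False, "no authorization protocol; server would rely on xhost host list only"
    if req["auth_name"] not in allowed:
        return False, "unrecognised authorization protocol %r" % req["auth_name"]
    return True, "client presents %s" % req["auth_name"]
```

The gateway can only observe that a credential is presented; whether the cookie is valid is decided by the X server that holds the matching secret, so the check above reduces exposure to the xhost case rather than replacing server-side authentication.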

rws@EXPO.LCS.MIT.EDU (Bob Scheifler) (09/20/89)

    This problem would be resolved if I could specify the user in my xhost
    command, or better yet if I could specify the user and program name.

    1. Are there plans to include this sort of security in release 4?

That specifically, no.  Some security, yes.  You can look at the recently
released XDMCP specification for one example.