Path: utzoo!censor!geac!jtsv16!uunet!bloom-beacon!ATHENA.MIT.EDU!swick
From: swick@ATHENA.MIT.EDU (Ralph R. Swick)
Newsgroups: comp.windows.x
Subject: Re: Packet Security Issues.
Message-ID: <8909192126.AA09012@LYRE.MIT.EDU>
Date: 19 Sep 89 21:26:51 GMT
References: <27232@shemp.CS.UCLA.EDU>
Organization: DEC/MIT Project Athena
Lines: 21

> This problem would be resolved if I could specify the user in my xhost
> command, or better yet if I could specify the user and program name.

And what would you propose to tell your server that would
be impossible for an impostor on the network to reproduce?

> 1. Are there plans to include this sort of security in release 4?

Some new features are planned, but nothing that will satisfy
the requirements of true security mavens.

> 2. Are there hooks in the open-window packets of releases 2 and/or 3 which
>    would allow the GATEWAY to do some security checking before forwarding the
>    packet to the internal host?

Dunno what you mean by 'open-window packets', nor do I expect that
you really want to train your gateway about the intricacies of the
X protocol.  There _are_ some hooks in the connection setup
exchange that will allow better distributed authentication tools
(such as are currently being worked on here at Athena) to be
attached.