Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!cs.utexas.edu!usc!apple!motcsd!mcdcup!mcdchg!tellab5!mtcchi!levy
From: levy@mtcchi.uucp (2656-Daniel R. Levy(0000000)0000)
Newsgroups: comp.windows.x,comp.security
Subject: security with X windows
Message-ID: <1990Sep9.204924.7386@mtcchi.uucp>
Date: 9 Sep 90 20:49:24 GMT
Distribution: na
Organization: Memorex Telex Corporation NSBG/STP
Lines: 19

I have been investigating the possibility of using X terminals in a distributed
workstation environment as opposed to the centralized-CPU proprietary window
terminal system we are using now or providing a work$tation for every single
developer.  One issue which has come to mind is security.  We would like to
have a good terminal lock function which would not be easily spoofable.  Also we
would like to be sure it is nontrivial to spy on someone else's X window.  (Yes
I know with a common Ethernet there isn't a lot that can be done security-wise,
but at least we would like to make it as difficult as the system permits.)  In
my experimentation I find that if I power-cycle the X terminal the associated
processes on the client don't seem to go away -- this poses the question of,
could the X terminal "pick up" the lingering windows after being cycled?  Can
anyone please advise me on this matter, or on other security issues with X
windows I may not have mentioned.  I am still learning about X, so please
forgive me if these seem like stupid questions.  Thanks much in advance.
-- 
* Daniel R. Levy * uunet!tellab5!mtcchi!levy * This post not on behalf of MTC *
So far as I can remember, there is not one    | ... therefore be as shrewd as
word in the Gospels in praise of intelligence.| serpents [see Gen. 3] and harm-
-- Bertrand Russell [Berkeley UNIX fortune]   | less as doves -- JC [Mt. 10:16]