Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!wuarchive!emory!utkcs2!de5
From: de5@ornl.gov (Dave Sill)
Newsgroups: comp.windows.x
Subject: Access control
Message-ID: <1991Jan17.203838.6210@cs.utk.edu>
Date: 17 Jan 91 20:38:38 GMT
Sender: news@cs.utk.edu (USENET News System)
Reply-To: de5@ornl.gov
Organization: Oak Ridge National Laboratory
Lines: 40

I'm curious about the current state of display access control in X and
predicted future developments.  I'd appreciate any information on this
topic beyond what's included in the X11R4 man pages, including answers
to these questions:

What access control mechanisms are part of the X protocol?

I'm sure that the hostwise mechanism is, but was magic-cookie
authorization added with R4?

Did the X protocol change between R3 and R4?

If we can't expect to be able to use DES-, RSA-, or Kerberos-based
magic cookies at some point, is there any hope of a general mechanism
for controlling access with more granularity than "anyone on host A
can do whatever they want with my display"?

Would it be possible to wrap access control around the server somehow?
E.g., could one construct a client that would tell me when someone
accesses my display, or even allow me to grant or deny access on a
case-by-case basis?

Is there any chance that we might one day be able to control access to
individual windows in a manner similar to the way access to files is
controlled under UNIX, VMS, or any other multiuser OS?  I.e.,
read/modify/delete bits for owner and others, at least, or even access
control lists.

Is anybody running, or planning to run, X in a DoD-type classified
environment?  If so, how?

What vendor-specific access-control mechanisms are available or
planned?

Thanks in advance.

--
Dave Sill (de5@ornl.gov)	  It will be a great day when our schools have
Martin Marietta Energy Systems    all the money they need and the Air Force
Workstation Support               has to hold a bake sale to buy a new bomber.