Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!cis.ohio-state.edu!ucbvax!bloom-beacon!dont-send-mail-to-path-lines
From: mouse@lightning.mcrcim.mcgill.EDU (der Mouse)
Newsgroups: comp.windows.x
Subject: Re: Xkernel and security
Message-ID: <9106091956.AA01349@lightning.McRCIM.McGill.EDU>
Date: 9 Jun 91 19:56:47 GMT
Sender: daemon@athena.mit.edu (Mr Background)
Organization: The Internet
Lines: 27

> Any host that can connect to the X server can perform *any* operation
> on it, including xhost.

Not normally.  The protocol document says of the ChangeHosts request,
which is the basic mechanism xhost uses to add or remove hosts,

	ChangeHosts
[...]
	     This request adds or removes the specified host from the
	     access control list.  When the access control mechanism is
	     enabled and a host attempts to establish a connection to
	     the server, the host must be in this list, or the server
	     will refuse the connection.
	
	     The client must reside on the same host as the server
	     and/or have been granted permission by a server-dependent
	     method to execute this request (or an Access error
	     results).
[...]

The MIT server - at least over here! - will refuse xhost requests from
other machines when XDMCP is not in use.

					der Mouse

			old: mcgill-vision!mouse
			new: mouse@larry.mcrcim.mcgill.edu