Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watnot!watmath!clyde!cbatt!ihnp4!ptsfa!lll-lcc!styx!ames!ucbcad!ucbvax!decvax!decwrl!jumbo!jg
From: jg@jumbo.UUCP
Newsgroups: comp.windows.x
Subject: Re: X networking permission
Message-ID: <771@jumbo.dec.com>
Date: Wed, 1-Apr-87 10:42:16 EST
Article-I.D.: jumbo.771
Posted: Wed Apr 1 10:42:16 1987
Date-Received: Sat, 4-Apr-87 07:16:49 EST
References: <9740001@hpfclp.HP.COM>
Reply-To: jg@jumbo.UUCP (Jim Gettys)
Organization: DEC Systems Research Center
Lines: 21

In article <9740001@hpfclp.HP.COM> gerety@hpfclp.HP.COM (Colin Gerety) writes:
> Are there any plans to implement a better networking
>security model for X?  Instead of blanket machine permission,
>I'd like to see something along the .rhosts model where permission
>is granted on a machine/user basis (best of all, use the .rhosts
>and hosts.equiv files).

This is a hard problem in a distributed environment without proper network
authentication services.

V11 has a hook in the protocol to permit implementing arbitrary authentication
services; since there is no agreement on authentication in Unix or
elsewhere as yet, we cannot define it further.

Berkeley "poor man's" authentication used in the "r commands" requires
that such programs be set uid to root; while barely acceptable in some
environments, it would make it impossible for mere mortals to write programs
for X.

Project Athena has a real authentication server now in production use
(called Kerberos, the two headed dog that guards the gates to hell).
You might go look at it; send mail to "saltzer@athena.mit.edu" to get more
information.
				- Jim
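
[Added example, not part of the original post or of the X sample server.] The "hook" mentioned above is the pair of authorization-protocol-name and authorization-protocol-data fields in the first message an X11 client sends; the sketch below builds and parses that message as laid out in the X11 core protocol. The scheme name "EXAMPLE-TOKEN-1", the token value and the authorize() policy are constructed for illustration.

```python
import hmac
import struct

def pad4(n):
    """Round n up to a multiple of 4; X11 pads variable-length fields this way."""
    return (n + 3) & ~3

def build_setup_request(auth_name=b"", auth_data=b"", big_endian=False):
    """Client side: byte order, protocol 11.0, then the two authorization fields."""
    order, fmt = (b"B", ">") if big_endian else (b"l", "<")
    header = order + b"\x00" + struct.pack(
        fmt + "HHHHH", 11, 0, len(auth_name), len(auth_data), 0)
    return (header
            + auth_name.ljust(pad4(len(auth_name)), b"\x00")
            + auth_data.ljust(pad4(len(auth_data)), b"\x00"))

def parse_setup_request(buf):
    """Server side: return (major, minor, auth_name, auth_data) or raise ValueError."""
    if len(buf) < 12:
        raise ValueError("short setup request")
    if buf[0:1] == b"B":
        fmt = ">"
    elif buf[0:1] == b"l":
        fmt = "<"
    else:
        raise ValueError("bad byte-order byte")
    major, minor, n, d, _unused = struct.unpack(fmt + "HHHHH", buf[2:12])
    data_start = 12 + pad4(n)
    if len(buf) < data_start + pad4(d):
        raise ValueError("truncated authorization fields")
    return major, minor, buf[12:12 + n], buf[data_start:data_start + d]

def authorize(peer_host, request, host_list, schemes):
    """Hypothetical policy: a named scheme decides per connection; with no
    scheme named, fall back to the blanket per-machine host list."""
    _major, _minor, name, data = parse_setup_request(request)
    if name:
        check = schemes.get(name)
        return bool(check and check(data))
    return peer_host in host_list

# Constructed scheme: accept one shared token, compared in constant time.
SCHEMES = {b"EXAMPLE-TOKEN-1": lambda d: hmac.compare_digest(d, b"secret99")}
```

With an empty host list, only a client that names the scheme and presents the right data is admitted, which is the per-user granularity the original question asks for.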