|
In the X Window System, programs run as X clients, and as such they connect to the X display server, possibly via a computer network. Since the network may be accessible to other users, a method for forbidding access to programs run by users different from the one who is logged in is necessary. There are five standard access control mechanisms that control whether a client application can connect to an X display server. They can be grouped in three categories: # access based on host # access based on cookie # access based on user Additionally, like every other network connection, tunnelling can be used. ==Host-based access== The host-based access method consists in specifying a set of hosts that are authorized to connect to the X display server. This system has inferior security, as it allows every user who has access to such a host to connect to the display. The xhost program and three X Window System core protocol requests are used to activate this mechanism and to display and change the list of authorized hosts. Improper use of xhost can inadvertently give every host on the Internet full access to an X display server.抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「X Window authorization」の詳細全文を読む スポンサード リンク
|