Re: [tlug] Securing X-Window Protocol

["Stephen J. Turnbull" <stephen@example.com>]

>>>>> "Ian" == Ian Wells <ijw@example.com> writes:

    Ian> NSS is one example, but anything else that X doesn't know
    Ian> about that is related to the physical location of the user's
    Ian> terminal would be an issue as well, and it's a reasonable
    Ian> argument for decently secured X rather than a third party
    Ian> tunnel.

Well, no.  If X doesn't know about it, then you mean that we now have
two security problems: the allegedly secure X, and the anything else
(which isn't secure at all yet, by hypothesis).

    Ian> Anyway, the original question was 'is it possible to secure
    Ian> the X protocol nowadays' and I suspect that without a third
    Ian> partry tunneller the answer is still 'no'...

No.  The best you can do is the trusted/untrusted distinction.  This
is supposed to give you some protection from keystroke logging and the
like, but without an encrypted channel all the X traffic is still open
to anyone.

-- 
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of Tsukuba                    Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
               Ask not how you can "do" free software business;
              ask what your business can "do for" free software.