Hi
Could somebody take a look at this issue:
http://bugs.alpinelinux.org/issues/6696
I know I should have sent a patch to the aports list, but I missed the
wiki-page about patches. I don't want to duplicate things, so I hope
we can solve this on the bug-tracker.
Best,
Jean-Louis
On 03/04/2017 02:51 PM, Jean-Louis Fuchs wrote:
> Could somebody take a look at this issue:>> http://bugs.alpinelinux.org/issues/6696>> I know I should have sent a patch to the aports list, but I missed the> wiki-page about patches. I don't want to duplicate things, so I hope> we can solve this on the bug-tracker.
AFAIK, XCSECURITY are disabled on most (linux) Xorg packages, and on
freebsd and cygwin too (just search xcsecurity/xsecurity on google).
I just tried some weeks ago to use ssh -X on a OpenBSD X11 server, and
many applications just crashes with "bad access" or similar, as noted in
this mail:
https://cygwin.com/ml/cygwin-xfree/2008-11/msg00154.html
Of course it is still possible to use ssh -Y to connect to Xorg
remotely, using the "trusted forwarding".
ciao,
I.
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---
On 03/04/2017 02:51 PM, Jean-Louis Fuchs wrote:
> Could somebody take a look at this issue:>> http://bugs.alpinelinux.org/issues/6696>> I know I should have sent a patch to the aports list, but I missed the> wiki-page about patches. I don't want to duplicate things, so I hope> we can solve this on the bug-tracker.
AFAIK, XCSECURITY are disabled on most (linux) Xorg packages, and on
freebsd and cygwin too (just search xcsecurity/xsecurity on google).
I just tried some weeks ago to use ssh -X on a OpenBSD X11 server, and
many applications just crashes with "bad access" or similar, as noted in
this mail:
https://cygwin.com/ml/cygwin-xfree/2008-11/msg00154.html
Of course it is still possible to use ssh -Y to connect to Xorg
remotely, using the "trusted forwarding".
ciao,
I.
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---
Hi I
On Sat, Mar 04, 2017 at 04:00:28PM +0100, lists@cioccolatai.it wrote:
> On 03/04/2017 02:51 PM, Jean-Louis Fuchs wrote:> > > Could somebody take a look at this issue:> > > > http://bugs.alpinelinux.org/issues/6696> > > > I know I should have sent a patch to the aports list, but I missed the> > wiki-page about patches. I don't want to duplicate things, so I hope> > we can solve this on the bug-tracker.> > AFAIK, XCSECURITY are disabled on most (linux) Xorg packages, and on freebsd> and cygwin too (just search xcsecurity/xsecurity on google).
ssh -X works on Debian, Arch, Ubuntu, Fedora, CentOS, SuSE.
The only distro that I know that has no xcsecurity is alpine.
> I just tried some weeks ago to use ssh -X on a OpenBSD X11 server, and many> applications just crashes with "bad access" or similar, as noted in this> mail:> https://cygwin.com/ml/cygwin-xfree/2008-11/msg00154.html
All my applications work without problems. We are using it since more
than 10 years, never had a single problem.
> Of course it is still possible to use ssh -Y to connect to Xorg remotely,> using the "trusted forwarding".
Well, I don't want to do trusted forwarding, because you have to trust
the machine you forward to 100%.
ssh -X is definitely nothing special, instable or esoteric. But I
don't understand the security implications completely, so I can accept
a well-founded no.
Best,
Jean-Louis
On 03/04/2017 04:54 PM, Jean-Louis Fuchs wrote:
>>> Could somebody take a look at this issue:>>> http://bugs.alpinelinux.org/issues/6696
NB: i'm not the/a mantainer of the xorg package (on any other package)
>>> I know I should have sent a patch to the aports list, but I missed the>>> wiki-page about patches. I don't want to duplicate things, so I hope>>> we can solve this on the bug-tracker.>>>> AFAIK, XCSECURITY are disabled on most (linux) Xorg packages, and on freebsd>> and cygwin too (just search xcsecurity/xsecurity on google).>> ssh -X works on Debian, Arch, Ubuntu, Fedora, CentOS, SuSE.> The only distro that I know that has no xcsecurity is alpine.
Ok, my fault, when I was researching on this subject some time ago, I
found that these extension where disabled by default by the upstream
(generic reasons like "obsolete" a/o "insecure") in favor of the new
XACE extensions (which seems to be at least not used/incomplete, maybe
someone has more updated infos?)
After that various distro (debian, red-hat, ..) have re-enabled it, eg:
https://www.redhat.com/archives/rhsa-announce/2013-November/msg00028.htmlhttp://metadata.ftp-master.debian.org/changelogs/main/x/xorg-server/stable_changelog
but i'm on Slackware (and Alpine) so I didn't noticed it :)
>> I just tried some weeks ago to use ssh -X on a OpenBSD X11 server, and many>> applications just crashes with "bad access" or similar, as noted in this>> mail:>> https://cygwin.com/ml/cygwin-xfree/2008-11/msg00154.html>> All my applications work without problems. We are using it since more> than 10 years, never had a single problem.
> ssh -X is definitely nothing special, instable or esoteric. But I
That's interesting, good to know; I was also using ssh -X a lot, but
since it was disabled upstream I got this kind of troubles all the times
I tried; probabily I have to test again, using the same distro/settings
on both clients and server.
> don't understand the security implications completely, so I can accept> a well-founded no.
Did you already tried to recompile xorg on alpine with -xcsecurity enabled?
ciao,
I.
---
Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org
Help: alpine-devel+help@lists.alpinelinux.org
---