On Fri, Jan 02, 2004 at 09:13:26PM +0100, Alexander Gottwald wrote: > Chris Green wrote: > > > > Same with the gates of a castle. To get in, you must open it from inside. > > > This is the main principle of security. You can not allow those who have > > > no access to change the permissions. > > > > > ... but I am "within the castle", I'm sitting running a script on the > > win2k system > > The win2k system and xwin are two different systems. > Not in this situation, they're both running on a machine to which I have administrator and root (if you want to call it that) access. Thus in reality I have access to *everything* that's going on in the machine. Whatever 'security' X wants to put in my way I can (if I'm a reasonably capable programmer) circumvent.
> The first may be used by more than one person and the second must only be > used by you. > Why must xwin only be used by me? > Just imagine someone wants to steal a password from you and starts a client > which registers all keystrokes entered in a xterm. This program can be started > from a linux box or from the win2k system itself. The X11 security model tries > to prevent this by not allowing any connection that is not started by you. > But the connection from which I wanted to run xwinclip *was* run by me. > > and I can't see how to run xwinclip there because it > > won't give me permission to display on the terminal that I'm already > > using. > > If you've lost your key you'll be able to leave your house but are not able > to enter it again. These are two different situations and the design is good > but you have a problem if you've lost your key. > Not round here, no need to lock houses, it makes life *much* simpler to live. Security is a huge waste of human resources with very few advantages or uses. -- Chris Green ([EMAIL PROTECTED])