HPE Community
Operating System - HP-UX
1856578 Members
20435 Online
104113 Solutions
New Discussion

Re: xhost and Exceed

 
Verónica Muñoz Segovia
Frequent Advisor

‎10-03-2000 01:30 PM

‎10-03-2000 01:30 PM

xhost and Exceed

Good afternoon,

Weeks ago we had an internal auditory and they put us as high risk the use of any xterminal software, I'm attaching you the document. Anybody knows these kind of security vulnerabilities?

Best Regards,

Veronica Munoz
Always is important to know the opinion of other people with or without experience
0 Kudos
Reply
1 REPLY 1
Mike McKinlay
Honored Contributor

‎10-03-2000 02:18 PM

‎10-03-2000 02:18 PM

Re: xhost and Exceed

Part of the problem with xhost+ is that pretty much anyone can run an application at your desktop without your permission, including a spoofed version of an application you trust, like OpenView.

Whether this is a true "security hole" or simply something requiring human engineering, I'm not at all certain. What I'd like to know is whether the audit comes with recommendations to resolve the supposed "security holes". If it doesn't, then your company didn't get much for its money. A good consultant should tell you she can solve all the problems she's just told you about.
"Hope springs eternal."
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.