[vox-tech] xhost+: Why you should NEVER DO THAT

Karsten M. Self kmself at ix.netcom.com
Mon Mar 21 18:03:07 PST 2005 

on Mon, Mar 21, 2005 at 11:39:43AM -0800, Bill Kendrick (nbs at sonic.net) wrote:
> On Mon, Mar 21, 2005 at 11:33:39AM -0800, Dmitriy wrote:
> > On Friday 18 March 2005 02:18, Karsten M. Self wrote:
> > > Mark Kim apparently insists on dispersing bad advice regarding use of
> > > xhost + to allow remote X11 access.
> > >
> > 
> > I agree that it's a bad advice.
> 
> As do I.  On the other hand, this whole thread has blossomed into a very
> full discussion, with lots of references, on _why_ "xhost +" is bad,
> and comparing/contrasting other connection schemes.

Yeah.  There's probably even (yet another) don't-use-xhost + webpage
coming out of it.
 
> In one sense, Karsten and others have/might argue: "People will google
> and find "xhost + is your answer"" and get BAD INFORMATION!  NOT GOOD!

Yep.

There's plenty of instances of same on the Net.  Including, apparently,
SuSE and Mozilla's own official websites.  Bad, bad, bad, bad, bad.
Lots of user-written help pages as well.
 
> But on the other hand, there's a whole /THREAD/ of information on
> _why_ it's bad, so that people who might think "xhost + is as good as
> SSH" will see why it is NOT.  (OTOH, if the thread simply said "use
> SSH", their incorrect assumption won't be brought to light.)

Right.

I tried the short approach first.  Then the long one.

 
> 
> > When user needs that advice, he likely doesn't know intricacies of X
> > enough to know which situations are acceptable to use "xhost +" in,
> > and and which ones are not.
> 
> This is a good consideration to make when answering questions here,
> and elsewhere.
 
Very much.  I try to keep it in mind when answering questions.

It's usually _not_ enough to just answer a user's question, but to think
for a moment about "now why the hell would they be asking _that_?".  And
if no good reason is immediately apparent, asking for clarification.


Answering in part Mark's followup post in this subthread:  the real
issue came up when Mark insisted on both repeating his initial advice,
_and_ suggesting it's OK.  Neither are the case.

There's a difference between making an error and correcting it, and
making an error and insisting on being wrong.  This was a case of the
latter.


Thanks to Dmitriy and others who've added their $0.02 to this thread.


Peace.

-- 
Karsten M. Self <kmself at ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    I was informed you were the most beautiful woman ever to visit
    Casablanca. That was a gross understatement.
    - Casablanca
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://ns1.livepenguin.com/pipermail/vox-tech/attachments/20050321/ad3d4e4f/attachment.bin

More information about the vox-tech mailing list