| Summary: | Disable X11Forwarding in openssh | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Josh Bressers <bressers> |
| Component: | openssh | Assignee: | Jakub Jelen <jjelen> |
| Status: | CLOSED NOTABUG | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 7.3 | CC: | cww, ebenes, ksrot, pvrabec, rkratky, szidek, tmraz |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2016-03-21 16:12:53 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Josh Bressers
2016-03-16 13:25:15 UTC
That would get us a huge backslash - And we definitely cannot do this change on already installed systems. And the X forwarding does not really increase the attack surface in normal use cases because it happens in the user process. It matters only in case the forced command feature is in effect. Given the conversations and feedback, we will not be considering changing this default. |