ancientt's Journal: About X security risk

Recently someone wondered if/how X was a security risk. (24 July 2005)

I've read in several security books about the security risks of using X as well. Many advise not using X at all because of it, but most are kind of vague about why.

As far as I can tell, it is because between the server and the X system, the data is not encrypted and someone with access to the system could potentially see what was being done in the X system of another user.

I've never read about how it is done so its all theoritical as far as I am concerned. I expect the security concern is only really an issue if you have multiple or untrusted users with access to the server itself with a shell account for example.