Skip to content

.Xauthority or X*.hosts (or equivalent) file(s) must be used to restrict access to the X server.

An XCCDF Rule

Description

<VulnDiscussion>If access to the X server is not restricted, a user's X session may be compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-216312r959010_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

Create an X*.hosts file, where * is a display number that may be used to limit X window connections. 

Add the list of authorized X clients to the file.