.Xauthority or X*.hosts (or equivalent) file(s) must be used to restrict access to the X server.
An XCCDF Rule
Description
<VulnDiscussion>If access to the X server is not restricted, a user's X session may be compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-216312r959010_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Create an X*.hosts file, where * is a display number that may be used to limit X window connections.
Add the list of authorized X clients to the file.