The .Xauthority utility must only permit access to authorized hosts.

An XCCDF Rule

Description

If unauthorized clients are permitted access to the X server, a user's X session may be compromised.

ID: SV-216078r959010_rule
Version: SOL-11.1-020550
Severity: Medium
References: CCI-000225 CCI-000366
Updated: about 2 months ago

Remediation Templates

Remove unauthorized clients from the xauth configuration.

Procedure:
# xauth remove <display name>