Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ xhost(1) — BSD/386 1.0

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

X(1)

Xserver(1)

xdm(1)



XHOST(1)                                                 XHOST(1)


NAME
       xhost - server access control program for X

SYNOPSIS
       xhost [[+-]name ...]

DESCRIPTION
       The  xhost program is used to add and delete host names or
       user names to the list allowed to make connections to  the
       X  server.  In the case of hosts, this provides a rudimen-
       tary form of privacy control and  security.   It  is  only
       sufficient  for  a  workstation (single user) environment,
       although it does limit  the  worst  abuses.   Environments
       which require more sophisticated measures should implement
       the user-based mechanism, or use the hooks in the protocol
       for passing other authentication data to the server.

       Hostnames that are followed by two colons (::) are used in
       checking DECnet connections; all other hostnames are  used
       for TCP/IP connections.

       User  names  contain  an  at-sign (@).  When Secure RPC is
       being  used,  the  network  independent   netname   (e.g.,
       "unix.uid@domainname")  can  be specified, or a local user
       can be specified with just the username and a trailing at-
       sign (e.g., "joe@").

OPTIONS
       Xhost accepts the following command line options described
       below.  For security, the options that effect access  con-
       trol  may  only  be  run from the "controlling host".  For
       workstations, this is the same machine as the server.  For
       X terminals, it is the login host.

       name    The  given  name  (the  plus  sign is optional) is
               added to the list allowed  to  connect  to  the  X
               server.   The  name  can  be a host name or a user
               name.

       -name   The given name is removed from the list of allowed
               to  connect to the server.  The name can be a host
               name or a user name.  Existing connections are not
               broken,   but  new  connection  attempts  will  be
               denied.  Note that the current machine is  allowed
               to   be   removed;  however,  further  connections
               (including attempts to add it back)  will  not  be
               permitted.  Resetting the server (thereby breaking
               all connections) is the only way  to  allow  local
               connections again.

       +       Access is granted to everyone, even if they aren't
               on the list (i.e., access control is turned  off).

       -       Access  is  restricted  to  only those on the list



X Version 11                Release 5                           1




XHOST(1)                                                 XHOST(1)


               (i.e., access control is turned on).

       nothing If no command line arguments are given, a  message
               indicating  whether  or not access control is cur-
               rently enabled is printed, followed by the list of
               those allowed to connect.  This is the only option
               that may be used from machines other than the con-
               trolling host.

DIAGNOSTICS
       For  each name added to the access control list, a line of
       the form "name being  added  to  access  contro  list"  is
       printed.   For  each  name removed from the access control
       list, a line of the form "name being removed  from  access
       contro list" is printed.

FILES
       /etc/X*.hosts

SEE ALSO
       X(1), Xserver(1), xdm(1)

ENVIRONMENT
       DISPLAY to get the default host and display to use.

BUGS
       You  can't  specify  a display on the command line because
       -display is a valid command line argument (indicating that
       you  want to remove the machine named ``display'' from the
       access list).

       This is not really a bug, but the X server stores  network
       addresses, not host names.  If somehow you change a host's
       network address while the server is still  running,  xhost
       must  be used to add the new address and/or remove the old
       address.

COPYRIGHT
       Copyright 1988, Massachusetts Institute of Technology.
       See X(1) for a full statement of rights and permissions.

AUTHORS
       Bob Scheifler, MIT Laboratory for Computer Science,
       Jim Gettys, MIT Project Athena (DEC).













X Version 11                Release 5                           2


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026