From mboxrd@z Thu Jan 1 00:00:00 1970 From: Avi Kivity Subject: Re: [PATCH 1/2] kvm tools: Export DISPLAY ENV as our default host ip address Date: Wed, 05 Sep 2012 10:56:02 +0300 Message-ID: <50470592.4090002@redhat.com> References: <1345807781-23452-1-git-send-email-asias.hejun@gmail.com> <5045FD1E.2080602@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: Pekka Enberg , Sasha Levin , Ingo Molnar , Cyrill Gorcunov , kvm@vger.kernel.org To: Asias He Return-path: Received: from mx1.redhat.com ([209.132.183.28]:47715 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750999Ab2IEH4Q (ORCPT ); Wed, 5 Sep 2012 03:56:16 -0400 In-Reply-To: Sender: kvm-owner@vger.kernel.org List-ID: On 09/05/2012 09:03 AM, Asias He wrote: > On Tue, Sep 4, 2012 at 9:07 PM, Avi Kivity wrote: >> On 08/24/2012 02:29 PM, Asias He wrote: >>> It is useful to run a X program in guest and display it on host. >>> >>> 1) Make host's x server listen to localhost:6000 >>> host_shell$ socat -d -d TCP-LISTEN:6000,fork,bind=localhost \ >>> UNIX-CONNECT:/tmp/.X11-unix/X0 >>> >>> 2) Start the guest and run X program >>> host_shell$ lkvm run -k /boot/bzImage >>> guest_shell$ xlogo >>> >> >> Note, this is insecure, don't do this with untrusted guests. > > In this use case, the user on the host side should trust the guest. > > Btw, any attack the untrusted guests can do with the X port which host listens? Steal the entire display, record user keystrokes, present false information. btw, how did it work? The you need the xauth cookie for this to work, or disable authentication. -- error compiling committee.c: too many arguments to function