Rule ID
SV-216313r959010_rule
Version
V3R5
If unauthorized clients are permitted access to the X server, a user's X session may be compromised.
If X Display Manager (XDM) is not used on the system, this is not applicable. Determine if XDM is running. Procedure: # ps -ef | grep xdm Check the X Window system access is limited to authorized clients. Procedure: # xauth xauth> list Ask the SA if the clients listed are authorized. If any are not, this is a finding.
Remove unauthorized clients from the xauth configuration. Procedure: # xauth remove <display name>