xhost(1) X Version 11 (22 September 1989) xhost(1)
NAME
xhost - controls access to X servers
SYNOPSIS
xhost [-options ...]
DESCRIPTION
The xhost program enables you to add and delete hosts to the
list of computers that are allowed to make connections to
the X server. This provides a rudimentary form of privacy
control and security. It is only sufficient for a
workstation (single user) environment, although it does
limit the worst abuses. For example, xhost prevents another
user from arbitrarily putting a window on your screen.
Environments requiring more sophisticated measures should
use the hooks in the protocol for passing authentication
data to the server.
The server initially allows network connections only from
programs running on the same computer or from computers
listed in the file /etc/X*.hosts (where * is the display
number of the server). Note: xhost only modifies the access
list of the current server; all subsequent servers are
initialized from /etc/X*hosts. You can run the xhost
program either from a start-up file or interactively so you
can give access to other users.
Host names that are followed by two colons (::) are used in
checking DECnet connections; all other host names are used
for TCP/IP connections.
OPTIONS
The xhost program accepts the following command-line options
described below. For security, the options that affect
access control can only be run from the same computer as the
server.
[+]hostname
Adds hostname (the plus sign is optional) to the list
of computers that are allowed to connect to the X
server.
-hostname
Removes hostname from the list of computers that are
allowed to connect to the server. This option does not
break existing connections, but it denies new
connection attempts. You can remove the current
computer, however, further connections (including
attempts to add it back) are not permitted. The only
way you can establish local connections again is to
reset the server, which breaks all connections.
Page 1 (printed 10/4/89)
xhost(1) X Version 11 (22 September 1989) xhost(1)
+ Grants access to all hosts, even if they aren't on the
list of allowed hosts (i.e. access control is
disabled).
- Restricts access to only those computers on the list of
allowed hosts (i.e. access control is enabled).
no options specified
Prints the list of hosts allowed to connect on the
standard output along with a message indicating whether
or not access control is currently enabled. This is the
only option that you can use from computers other than
the one on which the server is running.
FILES
/etc/X*.hosts
ENVIRONMENT
DISPLAY
Gets the default host and display.
COMMENTS
You cannot specify a display on the command line because
-display is a valid command-line argument (indicating that
you want to remove the computer named display from the
access list).
SEE ALSO
X(1)
COPYRIGHT
Copyright 1988, Massachusetts Institute of Technology.
See X(1) for a full statement of rights and permissions.
AUTHORS
Bob Scheifler, MIT Laboratory for Computer Science; Jim
Gettys, MIT Project Athena (DEC).
Page 2 (printed 10/4/89)