If I have X11 forwarding on, what can Evil apps do? Launch UI for sure. Screensh... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		awwaiid 8 months ago \| parent \| context \| favorite \| on: VSCode’s SSH agent is bananas If I have X11 forwarding on, what can Evil apps do? Launch UI for sure. Screenshots? I imagine so. What else? Send keyboard events, which would be game over?

donio 8 months ago | [–]

They can only do those things if the X11 security extension restrictions are disabled with ForwardX11Trusted=yes or by using -Y rather than -X. This has been the case for the past 20 years.

philsnow 8 months ago | [–]

Also read keyboard events / do keylogging

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact