xhost

Display the current access control list

$ xhost

$ xhost +[hostname]

$ xhost -[hostname]

$ xhost +

$ xhost -

$ xhost -[family:name]

xhost [options]
xhost [[+|-]hostname ...]
xhost [[+|-]family:name ...]
xhost [+/-s]

(no arguments)
    Displays the current list of hosts that are allowed to connect to the X server.

+
    Enables access control. When used without a specific host, it means 'allow connections from any host'. This is highly insecure.

-
    Disables access control. When used without a specific host, it means 'disallow connections from any host' (the secure default).

+hostname
    Adds a specific hostname or IP address to the access list, allowing it to connect.

-hostname
    Removes a specific hostname or IP address from the access list, preventing it from connecting.

+family:name
    Adds a host specified by family (e.g., inet for IPv4, ipv6 for IPv6, local for local processes, si for server-interpreted user, unix for Unix domain socket) and name to the access list.

-family:name
    Removes a host specified by family and name from the access list.

+s
    Enables host access control (same as xhost -, restoring default behavior).

-s
    Disables host access control (same as xhost +, allowing all hosts).

-display displayname
    Specifies the X server displayname to connect to (e.g., :0.0).

The xhost command is a utility for managing the access control list of the X server. It allows or disallows connections from specific hosts or users to your X display. By default, X servers are configured to accept connections only from the local machine for security reasons. xhost provides a way to temporarily loosen these restrictions, enabling other machines on a network to display graphical applications on your screen.

While useful for multi-user environments or for running GUI applications from remote machines without SSH X forwarding, it's crucial to understand the security implications. Loosening access control, especially with commands like xhost +, can expose your X server to unauthorized access, potentially allowing malicious programs to capture keystrokes, view screen contents, or inject commands. For most remote X access, SSH's built-in X forwarding is the recommended and more secure method.

Security Risk: Using xhost + or disabling access control (xhost -s) allows any machine on the network to connect to your X server, making it vulnerable to various attacks like keystroke logging, screen sniffing, and command injection.
Temporary Changes: Access list modifications made by xhost are not persistent; they are reset when the X server restarts.
Limited Authentication: xhost relies on host-based authentication, which is less secure than cookie-based methods like MIT-MAGIC-COOKIE-1 (managed by xauth) because IP addresses can be spoofed.
Not for SSH X Forwarding: xhost is generally not required when using SSH's built-in X forwarding, as SSH securely handles the authentication and tunneling.

To show the current access list:
xhost

To allow a specific host named 'myremotehost' to connect:
xhost +myremotehost

To disallow 'myremotehost':
xhost -myremotehost

To allow any local process (e.g., from a Docker container) to connect:
xhost +local:

Discouraged: To allow any host to connect (major security risk):
xhost +

The X Window System supports several methods for authenticating clients. xhost implements a relatively simple host-based access control. A more secure method is cookie-based authentication, primarily using the MIT-MAGIC-COOKIE-1 protocol. This is managed by the xauth command and involves secret keys (cookies) that must be shared between the X server and the client, providing a much stronger level of security compared to merely trusting a hostname or IP address.

xhost has been an integral part of the X Window System since its early iterations (X11R1, 1987). It was designed to offer a straightforward host-based mechanism for controlling access to X displays in networked environments, common with X terminals. Over time, more robust and secure authentication methods, such as MIT-MAGIC-COOKIE-1 handled by xauth, gained prominence. Consequently, the use of xhost, especially its less secure forms like xhost +, has become less recommended in modern, internet-connected computing due to significant security implications. However, it still sees use in specific isolated contexts, such as local development setups, Docker containers, or virtual machine integrations where a quick and temporary display access is needed.

startx(1), X(7), xdm(1), xauth(1), ssh(1)