Preventing unauthorized monitoring of remote X server
An important security issue associated with the X11 server is unauthorized silent monitoring of a remote server.
The xwd and xwud commands can be used to monitor X server activity because they have the ability to capture keystrokes, which can expose passwords and other sensitive data. To address this problem, remove these executable files unless your configuration requires them or, as an alternative, restrict access to these commands to root only.
The xwd and xwud commands are located in the X11.apps.clients fileset.
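The following added example (not part of the original documentation) checks whether each command has been removed, restricted to root, or left accessible to other users. The paths in `XTOOLS` are an assumption about where the X11 client binaries are installed, and the function names are hypothetical; adjust the paths to match your system.

```shell
#!/bin/sh
# Added example: report whether xwd/xwud are absent, root-only, or exposed.
# ASSUMPTION: these paths are a typical X11 client location; verify locally.
XTOOLS="/usr/bin/X11/xwd /usr/bin/X11/xwud"

# classify_mode MODE_STRING OWNER_UID -> prints root-only | exposed
# MODE_STRING is the first field of `ls -l` output, e.g. -rwxr-xr-x
classify_mode() {
    # Characters 5-10 hold the group and other permission bits.
    # Anything other than "------" (r, w, x, s, t ...) grants access
    # to someone besides the owner.
    go_bits=$(printf '%s' "$1" | cut -c5-10)
    if [ "$2" = "0" ] && [ "$go_bits" = "------" ]; then
        echo "root-only"
    else
        echo "exposed"
    fi
}

# audit_file PATH -> prints absent | root-only | exposed
audit_file() {
    # test -e follows symlinks, so a dangling link counts as absent.
    if [ ! -e "$1" ]; then
        echo "absent"
        return 0
    fi
    # -n prints the numeric owner uid; -L follows a symlink to the
    # real binary so its permissions are judged, not the link's.
    info=$(ls -ldnL "$1" | awk '{print $1 " " $3}')
    classify_mode "${info% *}" "${info#* }"
}

# Report the state of each command; "exposed" needs remediation.
for f in $XTOOLS; do
    printf '%s: %s\n' "$f" "$(audit_file "$f")"
done
```

A result of `exposed` means the file is either not owned by root or grants group or other permissions, so it does not yet meet the root-only restriction described above.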
If you do need to retain the xwd and xwud commands, consider using OpenSSH or MIT Magic Cookies. These third-party applications help prevent the risks that are created by running the xwd and xwud commands.
For more information about OpenSSH and MIT Magic Cookies, refer to each application's respective documentation.