Mozilla firefox over ssh: Gdk-ERROR **: BadDrawable/BadAccess
Thu Apr 22 12:10:00 GMT 2004

Alexander Gottwald <> writes:

>On Thu, 22 Apr 2004 wrote:
>> What is the difference between "X11 forwarding" and "trusted X11 forwarding"?
>> Why did the compatible X11 forwarding break?
>> Why is it necessary to have a separate user interface? That is, why can't
>> -X mean "Use trusted X11 forwarding if available, otherwise use 
>> compatible X11 forwarding"
>-Y means use trusted forwarding
>-X means use untrusted forwarding
>the trusted means the X11 client has no access restrictions while a client in
>untrusted mode has some access restrictions which result in some errors 
>which actually mean "access denied"

Yes, I looked at the release notes and man pages for OpenSSH, and they
choose to break backwards compatibility in the name of security. That
is the right choice, of course, unless...

the users reaction is to restore the previous situation.  Note that the
Cygwin-X docs only mentions -X for older version of ssh, thus
advising users to disable the new security feature.

The real question here is why the X11 SECURITY extension disallows 
some of the operations that Mozilla wants to do. Are they really 
unsafe, or is the security specification overly restrictive?

More information about the Cygwin-xfree mailing list