Robert> I'm not sure I understand your threat model. True, ':0.0'
I'm using the "I know enough to be dangerous, but not enough to
thoroughly understand the subject at hand" threat model. :-) In other
words, I'm really not sure what I'm talking about. I saw the benefit of
encrypting connections between machines (including the X traffic), and
so assumed there must be some benefit to doing so on the same machine as
well. Guess not.
Robert> So, I'm not sure I see how an attacker might observe this
Robert> data in transit unless they can read kernel memory. But if
Robert> they can do that, then you're totally compromised anyway ---
Robert> in particular, ssh's encrypted wrappers around X are no help
Robert> at all, because ssh ultimately does have to make unencrypted
Robert> connections to the X client and server at the endpoints.
Good enough for me... Thanks for the lucid explanation!
-- John Klassa / firstname.lastname@example.org