Updated 2014-06-09 16:48:54 by AMG

Purpose: Address problems where Tk is reporting the error message

X server insecure (must use xauth-style authorization),

despite the fact that the user has logged in via a display manager.

If you're getting the error message
    X server insecure (must use xauth-style authorization)

from a Tk application such as wish, even though you log in on a managed display, the most likely explanation is that you are using xhost to authenticate clients. With a managed display, you should always authenticate clients based on a session key, not on the hostname (the hostname can be spoofed).

To see if this is what's happening, do

at a command prompt. The only acceptable answer is
    access control enabled, only authorized clients can connect

If you see the message
    access control disabled, clients can connect from any host

this is very bad - anyone on the Internet can do anything with your display. Do
    xhost -


If you see one or more host names listed after the 'access control enabled' message, this is nearly as bad - anyone who can spoof packets from a given host can connect to your display. Tk doesn't like this! To get rid of the offending hosts, try the following shell script:
for host in 'xhost | sed 1d' ; do
    echo removing $host from access control list
    xhost -$host
echo removing general access from access control list
xhost -

If the offending hosts keep coming back, check your initialization files like .login, .cshrc and .profile -- you probably have code in there that's initializing your display badly.

The most likely outcome is that Tk will start working once the host list is cleaned up. If there's further trouble, it will most likely be that some other X application has stopped working, finding that it's unable to connect to your display. See Client is not authorized to connect to Server for some suggestions.

If Tk is still reporting that the server is insecure - even though xhost says that the host list is empty and access control is enabled - then you've most likely found a bug. Please report it!

MCU : I face same problem about the server is insecure. The answer of "xhost" is the above only acceptable one. I am using SDCC compiler in MCU 8051 IDE on CentOS 6.5. Is there any idea?