I am trying to set up Xephyr properly and securely, so that I can run another (nested) instance of LXDE under a different user inside my primary LXDE session.
I would like to use this nested session to browse potentially dangerous (malicious) websites under a test user account. I can delete the test user account after each session.
Lets suppose, my primary user is martin and I am logged into LXDE. I want to run a second (nested) LXDE session as user martin-test. I execute following commands:
Xephyr -ac -screen 1280x1024 -br -reset -terminate 2> /dev/null :1 &
DISPLAY=:1
su - martin-test -c 'startlxde'
Now a window has opened with new LXDE session.
But I am not sure what are the security implications. With Xephyr -ac, I have disabled access control. Have I just allowed anybody to connect to my Xserver ?
is this setup secure ?
How can I do it cleanly a properly?
