'''Purpose:''' Address problems where Tk is reporting the error message [X server insecure (must use xauth-style authorization)], despite the fact that the user has logged in via a display manager. ---- If you're getting the error message X server insecure (must use xauth-style authorization) from a Tk application such as ''wish'', even though you log in on a managed display, the most likely explanation is that you are using xhost to authenticate clients. With a managed display, you should always authenticate clients based on a session key, not on the hostname (the hostname can be spoofed). To see if this is what's happening, do xhost at a command prompt. The only acceptable answer is access control enabled, only authorized clients can connect If you see the message access control disabled, clients can connect from any host this is ''very'' bad - anyone on the Internet can do anything with your display. Do xhost - immediately. If you see one or more host names listed after the 'access control enabled' message, this is nearly as bad - anyone who can spoof packets from a given host can connect to your display. Tk doesn't like this! To get rid of the offending hosts, try the following shell script: #!/bin/sh for host in 'xhost | sed 1d' ; do echo removing $host from access control list xhost -$host done echo removing general access from access control list xhost - (Note that there is a leading space on each line that must be removed if you cut and paste the script directly.) If the offending hosts keep coming back, check your initialization files like ''.login'', ''.cshrc'' and ''.profile'' -- you probably have code in there that's initializing your display badly. The most likely outcome is that Tk will start working once the host list is cleaned up. If there's further trouble, it will most likely be that some ''other'' X application has stopped working, finding that it's unable to connect to your display. See [Client is not authorized to connect to Server] for some suggestions. If Tk is still reporting that the server is insecure - even though xhost says that the host list is empty and access control is enabled - then you've most likely found a bug. Please report it!