Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Xwindows security?

From: mouse () Collatz McRCIM McGill EDU (der Mouse)
Date: Wed, 11 Jan 1995 10:33:09 -0500


Xhost actually has one advantage, of a sort, over xauth: users of
xhost can grant access, and later take that access away.



You want to be very careful in assuming that because you type
'xhost -' that your vulnerability goes away.  [...existing
connections are undisturbed...]  Additionally, clients (like
xcrowbar) can be started when no authority is in place that turns off
the authority mechanisms altogether, thus making the 'xhost -' a moot
point.


What's xcrowbar, and how does it "turn[] off the authority mechanisms
altogether"?  In my experience, only clients running on the local host,
or the xdm host if the server was started with xdm, can fiddle with the
access control mechanisms.

In any case, yes, it's true that "xhost -" doesn't magically mean
you're safe again.  What I do, to get the convenience of "xhost -"
without giving up quite as much security, is I run a front-end program
that accepts connections, replaces the authentication in the startup
exchange with saved info that the server will accept, and also
maintains a window displaying a list of the connections (currently just
host addresses, but it could be modified to display user names if the
remote host supports IDENT).  My program currently doesn't, but could,
monitor the X request/reply stream and take arbitrary action (freeze
the connection, alert me, pop up an interactive protocol debugger
window) if it sees something questionable, like a client selecting for
keystrokes on a window it didn't create.

                                        der Mouse

                            mouse () collatz mcrcim mcgill edu
Previous By Date Next
Previous By Thread Next

Current thread: