Bugtraq mailing list archives

xcrowbar/ident for x

From: nlawson () statler csc calpoly edu (Nathan Lawson)
Date: Wed, 11 Jan 1995 11:53:45 -0800 (PST)

What's xcrowbar, and how does it "turn[] off the authority mechanisms
altogether"?  In my experience, only clients running on the local host,
or the xdm host if the server was started with xdm, can fiddle with the
access control mechanisms.


It's basically a C program that does the equivalent of "while (1) { 
xhost +".  It does have to be run on the local machine.

In any case, yes, it's true that "xhost -" doesn't magically mean
you're safe again.


Yes.  Perhaps the ident info that you wished to log would come in handy when
wondering where that gif was coming from.  :)

-- 
Nathan Lawson   | "One of the advantages of using UNIX to teach an operating
CSL 490 Admin   |  systems course is the sources and documentation will easily
756-7180 @Work  |  fit into a students briefcase."  -- John Lions (1976)

Current thread:

mountd keeps vanishing (!), (continued)
- - - mountd keeps vanishing (!) Eric Berggren (Jan 11)
    - Re: mountd keeps vanishing (!) Eric Kimminau (Jan 12)
    - Re: mountd keeps vanishing (!) Karl Strickland (Jan 12)
    - Re: mountd keeps vanishing (!) Pete Shipley (Jan 14)
    - X Window System security Stephen Gildea (Jan 11)
- Re: Xwindows security? William McVey (Jan 10)
  - Re: Xwindows security? Benjamin Fried (Jan 10)
- Re: Xwindows security? Doug McLaren (Jan 11)
- Re: Xwindows security? der Mouse (Jan 11)
  - xcrowbar Dave Goldberg (Jan 11)
  - xcrowbar/ident for x Nathan Lawson (Jan 11)