Bugtraq mailing list archives
Re: X11 cookie hijacker
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Wed, 4 Nov 1998 02:53:29 +0000
Both of these require all X servers (and servers for the other services you mention later) run with sufficient privileges. The first opens up a DoS for servers that don't have sufficient privileges. XFree86, for example, ships with three "servers" that are not normally run with sufficient privileges (lbxproxy, Xnest, Xvfb).
I'd rather have my Xservers setgid X11 than totally insecure. There are neat Linux solutions with the non fs name space but setgid X11 appears to be the requirement for safe server side creation. Is setgid X11 a problem, given the worst gaining it can do is to leave you back where we are right now?