Thor Lancelot Simon wrote:
> On Fri, Dec 22, 2006 at 03:39:00AM +0100, Christian
Biere wrote:
> > Matthias Drochner wrote:
> > > One can argue (as does Joerg) that such an
attacker could
> > > listen to X11 events carrying the passwd as
well, so there
> > > is no additional danger.
> > That's one reason why I prefer the console over X
for certain things.
> You understand that an attacker with your UID can
simply read from your
> tty, right, since it's a file you can open? Or, for
that matter, from
> the memory image of your process, using ptrace. The
X11 thing is really
> a red herring.
No, it's not a red herring. If I log into a remote host
using X11, an
attacker can sniff all X events on the remote machine and
possibly even
inject events into terminals I have open locally. That's why
I don't like
mixing users under X and I don't use a window manager when
logging into
a machine using X that I don't trust because that would
potentially
allow the remote side to start xterm or whatever on my
machine etc. Of
course I have to trust my X server to be not exploitable
this way.
--
Christian
|