Bugtraq mailing list archives
X Security: a summary
From: Lionel.Cons () CERN CH (Lionel Cons)
Date: Tue, 7 Oct 1997 11:59:03 -0400
I've written some pages on the web describing different aspects of "X security". There is nothing really new here but it seems that most people are unaware of all the kinds of problems they may face. Here is an example:
Joe is a skilled sysadmin with good UNIX security knowledge. His personal workstation is highly protected and his pager gets an alarm when someone tries to portscan any of his machines. At the end of the day, to relax a bit, he connects to a public server (with ssh of course) using a non-privileged account. He then starts Netscape to enjoy the latest Tamagotchi Java applet. A few minutes later, he hears his local disk spinning while his home directory is being destroyed... How can this be possible? Exploiting yet another flaw in Java/Netscape, a bad guy gets read access to his non-privileged account. From here, he can connect to the X server on Joe's workstation using the ssh X forwarding capability. He then simply sends "rm -fr ~" to a Tk/Tcl application, locally running on Joe's workstation...
One page describes a program that I wrote (named mxconns) that may help you to protect your X server. If you are interested, have a look at http://wwwinfo.cern.ch/dis/security/x/

Comments, additions, etc. are welcome!

________________________________________________________
Lionel Cons http://wwwinfo.cern.ch/~cons
CERN http://www.cern.ch
- Hinds' 6th Law of Computer Programming
Program complexity grows until it exceeds the capability of the programmer who must maintain it.