Vulnerability Development mailing list archives
Re: Problem with xkill
From: xm <xm () while1 net>
Date: Fri, 22 Mar 2002 17:06:47 -0500 (EST)
On Fri, 22 Mar 2002, Anthony Gruppuso wrote:
normal user, but what amazed me, was the my xkill process, as a normal user, was able to kill a process that did not belong to me. The other user clicked the cursor on an xterm, and it died. I checked to see if the xkill binary was setuid root, but it was not. This is definatley not a good 'feature.' :) Input on this logic would be greatly
From the Linux xkill manpage:
Xkill is a utility for forcing the X server to close con-
nections to clients.
It is not directly killing the program but forcing the X server to close
the client's connection. The security issue at hand is allowing you to
connect to his xserver (with the xkill binary).
--
xm () while1 net (http://while1.net/)
Current thread:
- Problem with xkill Anthony Gruppuso (Mar 22)
- Re: Problem with xkill xm (Mar 22)
- Re: Problem with xkill Valdis . Kletnieks (Mar 22)
- Re: Problem with xkill Michel Arboi (Mar 23)
- <Possible follow-ups>
- RE: Problem with xkill anthony gruppuso (Mar 22)
- RE: Problem with xkill Ron DuFresne (Mar 22)
- Re: Problem with xkill KF (Mar 23)
- RE: Problem with xkill Michel Arboi (Mar 23)
- RE: Problem with xkill Ron DuFresne (Mar 22)
- RE: Problem with xkill Joe Gruppuso (Mar 25)
- RE: Problem with xkill Ron DuFresne (Mar 25)
- RE: Problem with xkill Sumit Dhar (Mar 26)
- RE: Problem with xkill Ron DuFresne (Mar 25)