
Re: X authentication and su (Re: changing framebuffer device owner during login)



On Tue, Jun 19, 2001 at 02:16:18AM +0200, Wichert Akkerman wrote:
> If it is indeed an untrusted binary you don't want it to be able to
> chat with your X display anyway since it could immediately grab
> another open window and start inserting commands in that. The
> proper strategy is to run Xnest and run the application in that
> instead.

Oh I agree.  Maybe I should have written:

paranoid> /usr/bin/X11/netscape http://untrusted.net/pagewithevilscripts &

BTW, if I were to immediately send the untrusted app process a SIGSTOP
(preferably before the app is able to set up an alternate handler)
and issue the appropriate "xauth del", would the app, when resumed,
still be able to play these tricks?  IIRC it wouldn't, because playing
these tricks requires it to establish new connections to the xserver,
which it will no longer be allowed to do.

But really, if one wants to run an untrusted app safely, it should
be done in a highly isolated environment, preferably a separate and
dedicated system.

Cheers,


Joost


