[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: setuid/setgid binaries contained in the Debian repository.

On Tue, Aug 19, 2003 at 01:14:33AM +0300, Richard Braakman wrote:

> This might be true for text-based games, though even they could reprogram
> the terminal in nasty ways.  Games that use X11, however, will need
> access to the user's X session, and that basically gives them free
> reign.  They'll be able to do fun things like listen to keypress events
> or paste text into an open xterm.
> If you do find a way to run graphical games in a separate uid, then let
> me know -- I'll want to use that for my web browser :-)

xauth -f someplace-else generate $DISPLAY . untrusted

It breaks some applications, though.

 - mdz

Reply to: