Re: Accounts for client programs

To: debian-security@lists.debian.org
Subject: Re: Accounts for client programs
From: Peter Cordes <peter@llama.nslug.ns.ca>
Date: Tue, 1 Jul 2003 05:33:04 -0300
Message-id: <[🔎] 20030701083304.GB26749@llama.nslug.ns.ca>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <20030630062242.GA11222@netnation.com>
References: <Mahogany-0.65.0-9444-20030629-144346.00@pcw2k69.energoinfo.sk> <20030630062242.GA11222@netnation.com>

On Sun, Jun 29, 2003 at 11:22:42PM -0700, Simon Kirby wrote:
> It's probably possible for something to overflow an X packet or something
> in the middle and obtain root by opening a new shell and issuing
> commands, or maybe it's even possible for X clients to fake keystrokes to
> other windows, but most of the stuff I run is text-only anyway.

 A program could connect to your X server even if it looks like a text-only
program.  Unless you ldd every new binary before you run it, it could even
be linked to X libraries.  (It would probably bulk up the binary a lot (i.e.
noticeably) to statically link in enough X library stuff to send keystrokes
to other windows, etc.)

 Still, that's not the sort of thing a virus would usually do.  It's more
along the lines of what someone attacking you, personally, might try.  (esp.
after reading your message... :]

-- 
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug.n , s.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BC

Reply to:

Next by Date: Re: Announcement: APT Secure
Next by thread: Re: Announcement: APT Secure
Index(es):
- Date
- Thread