[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Strange X11 Assersion

Thanks for the clarification. I had posted that I thought it was FUD, but my language was _too_ strong. Yeah, that makes sense, but it was presented to me on such a wide scale, that it didn't make sense to me. Would it be correct this this is about as severe, as have a root user at all. (Because the root password could be set to empty and them /proc/mem used to intercept other programs). An issue, but a manageable one (use a real password). 

Philip Thiem
--On Monday, October 04, 2004 05:37:26 PM -0700 Dale Southard <dsouth@llnl.gov> wrote: 


Philip Thiem <witwerg@icequake.net> writes:


Recently a friend made the assertion that I want to get some feed back
on:

"if you connect to an x server you have access to the protocol stream
of any other user also connected to it"



I believe that this is more or less correct.

If you can connect to an X11 server, you can use either the RECORD,
XTrap, or DEC-XTrap extensions to access the protocol stream.  You can
also take control of input devices using XTEST.  There are some limits
(eg, I think openGL/GLX stuff that goes through DRI won't get posted).


--

/*  Dale Southard Jr.  dsouth@llnl.gov  925-422-1463 fax 422-9429  */
/*  Computer Scientist, Advanced Simulation and Computing Program  */
/*  L-073,  Lawrence Livermore National Lab,  Livermore CA  94551  */




Philip Thiem -- Icequake.net Administrator
Isn't it obvious lumberjacks love traffic lights?
GPG Pub Key Archived at wwwkeys.us.pgp.net

Attachment: pgpQ0OZFzG8fS.pgp
Description: PGP signature

Reply to: