Re: Remote Root In Nvidia xserver Driver
On Tue, 17 Oct 2006 21:53:49 -0400, Noah Meyerhans wrote:
> However, as I read it,
> it sounds like you can only run arbitrary code if you are actually
> accessing the X server directly via a client. While this client can be
> local or remote, nobody is going to allow unauthenticated remote clients
> to access their X server, so this might not be so bad...
I disagree. SSHing to a compromised host should not open the client
machine up to security vulnerabilities of this kind.
--
Sam Morris
http://robots.org.uk/
PGP key id 1024D/5EA01078
3412 EA18 1277 354B 991B C869 B219 7FDB 5EA0 1078
Reply to: