Re: Remote Root In Nvidia xserver Driver
On Wed, 18 Oct 2006, Sam Morris wrote:
> > sshing to a compromised machine with X forwarding enabled is already a
> > big enough problem without adding root exploits.
> >
> > Don't ssh with X forwarding to an untrusted machine. Ever.
>
> The point is that I may trust the machine, it may have been compromised
Unfortunately if you cannot know for sure it was not compromised, all you
can do to increase your attack surface is to never ssh with X forwading to
it.
There are alternatives, such as vnc-like systems, which can (in theory) be
made a lot safer than straight X11.
> Isn't the X11 security extension designed to help with these issues? But
Yep, but do you have it set to its strictest modes and declaring all other
connections but the ones from your console as "untrusted"? Do you always
use xterm in "secure keyboard mode" to type in passwords? I don't know many
people who do either.
> anyway, you can't deny that this vulnerability increases a users' attack
> surface significantly. Especially since someone else pointed out that a
Indeed, it does.
Give nVidia hell over their irresponsible instance on the issue. Drop
nVidia graphics and start using the latest Intel stuff, or the older ATI
stuff (ATIs that need properietary drivers are even worse than nVidia),
which have non-joke free software support, etc.
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
Reply to: