[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Xorg: Security past client auth.

To be honest I can't say one way or another about weather there are
security issues in X if one has malicious clients connected.

However I'm not having success discussing these matters over at
xorg-devel@lists.x.org.  I'm not the most likable person and I've even
recently discovered that there a ppl who won't hesitate to pick on me.
I can understand why ppl don't like me and that I have issues correctly
expressing myself, even so I belive that what I'm trying to say is
important.  I believe that a discussion and perhaps further
documentation on the security of X and more importantly the future
security of X is overdue.

For the purposes of this discussion I'd like to use a vary loose
definition for malicious clients, to include any client running on a
remote(from the X server) system.  I believe that any system can be
compromised and thus unknowingly be running a rootkit.  There should be
layers of security that would limit the effectiveness of such an attack.
 I belive doing so will cause Malicious Programmers and Users to be less
likely to develop and deploy rootkits that have hooks into xclients to
attack remote X servers.

Therefore it's my assumption that a lack of security in this area would
make the once Network Transparent Windows System, less useful over any
network and promote the spread of any type of rootkit.

This started after I read A LWN article about the [1]story of the XInput
multitouch extension.  It seams that this extension may leak sensitive
information to malicious clients.

1. http://lwn.net/Articles/485484/

I wanted to discuss the issue with the grater X community, believing
that what code to accept and reject as patches was indeed on-topic for
xorg-devel@lists.x.org I [2]posted over there first.

2. http://lists.x.org/archives/xorg-devel/2012-June/031561.html

I was eventually moderated and have lost my ability to speak in that
forum.  This alone tells me that I need to keep trying, there is
obviously some form of oppression going on here as me myself have been

I though that even though this may be off-topic here that it would be of
interest as I've often seen discussions here about matters of local user
privilege escalations and although it may be a solution to not allow
malicious users this removes a vital feature.  In much the same way not
allowing malicious clients on an X server also removes a vital feature.

I wonder if there is anyone who believes this should be a priority?  I
can see why in the spirit of progress that either of these could be
sacrificed, though unless done secretly there is bound to be some user
resistance.  My intent is to ensure that something like this never done
behind even an accidental vial of secrecy, as has seemingly happened in
this case.

Thank you.

Reply to: