Re: Taking over vnc, vnc-doc. Also xdm information request.
On Tue, Mar 17, 1998 at 05:44:19PM +0300, Amos Shapira wrote:
> Marcus Brinkmann wrote:
> > although I don't understand what it is doing, it is working quite good now.
>
> X11 magic cookies are usually generated when a user logs in, XDM
> copies them to the ~user/.Xauthority file which is supposed to
> be readable only by the user. The server also knows the cookie's
> value.
>
> The idea is that each X11 client which connected to the X server
> proves that he can read your .Xauthority file by sending the cookie (or
> some variation on it, so people can't sniff it from the net).
> Since the cookie is (hopefully) very random there is very little
> chance that an imposter will be able to guess it.
Ah, I see. If I want to start a client from elsewhere, I have first to copy
the cookie to it, everytime the X server was new started (if I try to
display a remote client on my home station, for example). Thsi I can do with
xauth -extract and -merge (or -add or whatever it is), right?
> More than one cookie can be stored in each file, and they are
> associated with a particular display. The X server disntinguishes
> between the UNIX-domain socket (the one used in ":0.0") and the
> TCP port 6000 socket (the ones used when giving a hostname),
> that's why you have to copy the cookie twice - once for each display
> you might use.
Mmmh. I know what a TCP port, but not what a UNIX-domain socket is.
> > Now to the quote above: Xvnc is using a single password for authorization.
> > The startup scripts uses the above lines I do not understand. Later a viewer
> > client can connect to the server via TCP, only giving the password stored in
> > a file readable by the server. I don't think that this is a very elegant
> > solution, but I'm afraid that there is not much we can do about it...
>
> I haven't peeped into vnc yet so I don't knw exactly the context in
> which this script runs. The basic thing is that it uses xauth (the
> authority file management program) to add new cookies to the
> .Xauthority file (or whatever file the XAUTHORITY envariable
> points to). BTW, you better use something more random for the
> seed, like (from the perlfunc manual):
>
> srand (time ^ $$ ^ unpack "%L*", `ps axww | gzip`);
>
> read the srand section in perlfunc for more detail. Using the
> SUM of the pid and time is not random enough since a proximate
> guess is pretty easely obtainable (anyone knows what's the time,
> and pid's can be aproximated from current pid lists). You might
> also want to look at the debian archives for even better random
> number generators, or use Linux' /dev/urandom.
Ok, but it wasn't my code (it was the upstream code.) I may include this
change in the next version, though. Thank you very much! Probably it helps a
bit to make vnc more secure (although it is very insecure from a security
point of view.)
Thank you again,
Marcus
--
"Rhubarb is no Egyptian god." Debian GNU/Linux finger brinkmd@
Marcus Brinkmann http://www.debian.org master.debian.org
Marcus.Brinkmann@ruhr-uni-bochum.de for public PGP Key
http://homepage.ruhr-uni-bochum.de/Marcus.Brinkmann/ PGP Key ID 36E7CD09
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: