[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ssh authentication

"Noah L. Meyerhans" wrote:
> On Wed, Nov 29, 2000 at 04:38:09PM +0100, robert_wilhelm_land wrote:
> <snipped stuff about linking /root/.Xauthority to ~user/.Xauthority>
> > > No!  Don't do this!  By doing so you are lowering the security level of
> > > your machine down to your user account.  It's bad enough that security
> > > depends on a root account; it should *never* depend on a user account.
> >
> >
> > Lowering only the X11 root permissions or the permisions of all apps?
> >
> > I tried to edit /etc/passwd by user "rland" and it did not work. So
> > file restrictions do not seem to be affected by root accessing
> > .Xauthority in the rland ~/.
> No, it doesn't affect how actual commands behave.  Root's account should
> be a protected and self-contained account.  That's one of the reasons
> that root's not allowed (by default) to log in via the network.  By
> having root read a user's configuration files, you're setting things up
> such that the ability to access your configuration file is identical to
> the ability to access root's config file.  Any unauthorized access to
> your account implies access to root's account.  In other words, if
> somebody cracked your machine in such a way that they could log in as
> you (*much* easier than cracking root access) they could use the fact
> that root reads your config files to gain root access.  They could
> effectively modify root's .Xauthority simply by editing your own.

Thanks for your response, Noah.
Noah, unfortunatly I'm not able to follow your explaination because I
have no precise imagination exactly how the link lowers the system
security. I have had a look into .Xautority, but its a binary. Then
the link someone suggested is uni-directional and not bi-directional.
So if I would set the /root dir to drw- --- --- nobody would be able
to see the link. After all, this autority file only seems to restrict
X11 access and as a newbie I have absolutely no idea what might happen
when setting the suggested link.

The only thing which just pops up into my mind is the TCP traffic
OS<->X11 which might be spoofed when lowering X11 root permissions.
Was that what you wanted to say?

But how can this happen when keeping only to a local mashine?


Reply to: