Re: ssh authentication
"Noah L. Meyerhans" wrote:
>
> On Wed, Nov 29, 2000 at 04:38:09PM +0100, robert_wilhelm_land wrote:
>
> <snipped stuff about linking /root/.Xauthority to ~user/.Xauthority>
>
> > > No! Don't do this! By doing so you are lowering the security level of
> > > your machine down to your user account. It's bad enough that security
> > > depends on a root account; it should *never* depend on a user account.
> >
> >
> > > Lowering only the X11 root permissions or the permissions of all apps?
> >
> > I tried to edit /etc/passwd by user "rland" and it did not work. So
> > file restrictions do not seem to be affected by root accessing
> > .Xauthority in the rland ~/.
>
> No, it doesn't affect how actual commands behave. Root's account should
> be a protected and self-contained account. That's one of the reasons
> that root's not allowed (by default) to log in via the network. By
> having root read a user's configuration files, you're setting things up
> such that the ability to access your configuration file is identical to
> the ability to access root's config file. Any unauthorized access to
> your account implies access to root's account. In other words, if
> somebody cracked your machine in such a way that they could log in as
> you (*much* easier than cracking root access) they could use the fact
> that root reads your config files to gain root access. They could
> effectively modify root's .Xauthority simply by editing your own.
Thanks for your response, Noah.
Noah, unfortunately I'm not able to follow your explanation because I
have no precise imagination exactly how the link lowers the system
security. I have had a look into .Xauthority, but it's a binary. Then
the link someone suggested is uni-directional and not bi-directional.
So if I would set the /root dir to drw- --- --- nobody would be able
to see the link. After all, this authority file only seems to restrict
X11 access and as a newbie I have absolutely no idea what might happen
when setting the suggested link.
The only thing which just pops up into my mind is the TCP traffic
OS<->X11 which might be spoofed when lowering X11 root permissions.
Was that what you wanted to say?
But how can this happen when keeping only to a local machine?
Robert
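
The risk described in the quoted reply (root trusting a file that a less-privileged account can rewrite) can be checked mechanically. The following is an added example, not part of the original thread; the function name `audit_dotfile` and its `trusted_uid` and `boundary` parameters are assumptions made for illustration.

```python
import os
import stat


def audit_dotfile(path, trusted_uid=0, boundary="/"):
    """List reasons why `path` is not safe for `trusted_uid` (root) to read.

    Hypothetical helper: flags a symlinked dotfile, then checks the resolved
    file and each parent directory up to `boundary` for foreign ownership or
    group/world write permission.
    """
    findings = []
    try:
        if stat.S_ISLNK(os.lstat(path).st_mode):
            findings.append(f"{path} is a symlink to {os.readlink(path)}")
    except FileNotFoundError:
        return findings  # no such dotfile, nothing to audit

    current = os.path.realpath(path)
    boundary = os.path.realpath(boundary)
    while True:
        try:
            st = os.stat(current)
        except FileNotFoundError:
            findings.append(f"{current} does not exist (dangling link)")
        else:
            # The owner can always rewrite the file, or swap entries in the directory.
            if st.st_uid != trusted_uid:
                findings.append(f"{current} is owned by uid {st.st_uid}")
            # A sticky directory (like /tmp) stops others replacing existing entries.
            sticky = stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_ISVTX
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH) and not sticky:
                findings.append(f"{current} is group/world writable")
        parent = os.path.dirname(current)
        if current == boundary or parent == current:
            break
        current = parent
    return findings


if __name__ == "__main__":
    # Audit the invoking user's own file, treating that user as the trusted owner.
    for line in audit_dotfile(os.path.expanduser("~/.Xauthority"), os.getuid()):
        print(line)
```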