Ivor,

Did you read all the way to the end of the article on hazards of forwarding?

On Saturday 11 February 2006 08:39, Ivor Hewitt wrote:
> On Saturday 11 February 2006 12:15, Dave Feustel wrote:
> >
> > 05-Jul-2004: SSH Users beware: The hazards of X11 forwarding
> > Logging into another machine can compromise your desktop...
> >

> " If someone on the server can read your ~/.Xauthority file (hopefully only
> root, but if you have bad file permissions you're in trouble),"
>
> I'm sorry, that's just too stupid to be worth commenting on.
>
> > 08-Jun-2004: The ease of (ab)using X11, Part 2
> > Abusing X11 for fun and passwords.
> >

> and again:
>
> "First, log into the victim's desktop, become root, and set up your
> environment to access his X11 server:"
>
> > 13-May-2004: The ease of (ab)using X11, Part 1
> > X11 is the protocol that underlies your graphical desktop environment, and
> > you need to be aware of its security model.
> >

>
> and again:
>
> "Now I need to get access to his magic cookies. Since I'm root, I can read all
> files on the filesystem, so I just need to let the underlying X11 calls know
> where "my" .Xauthority file lives:"
>
> All of these assume I had the ability to gain root access of the machine that
> the victim is logged into. So shock horror, it's possible for a system admin
> to access my files/session.
>


--
Lose, v., experience a loss, get rid of, "lose the weight"
Loose, adj., not tight, let go, free, "loose clothing"
