On Saturday 11 February 2006 14:05, Dave Feustel wrote:
> Ivor,


> > " If someone on the server can read your ~/.Xauthority file (hopefully
> > only root, but if you have bad file permissions you're in trouble),"
> >
> > I'm sorry, thats just too stupid to be worth commenting on.

>
> Did you read all the way to the end of the article on hazards of
> forwarding?
>

No I simply read a few random paragraphs before posting to the list.

The "exploit" requires either that I have incorrectly set permissions, in
which case who's to say in what other ways I'm vulnerable or what information
I'm leaking.
alternatively it requires I'm using a system with corrupt system
administrators, in which case the same applies.

other similar exploits:-
apparently if I have 8 barrel mortice locks on my property it's possible for
someone to liberate me of my worldly possessions if I leave a set of keys
under a plantpot.
secondly it's possible for my solicitor to empty my client account and do a
bunk to the brazil with the proceeds with his secretary.

--
Ivor Hewitt.

>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<