Re: X11 exploit info
On Saturday, 11 February 2006 14:39, Ivor Hewitt wrote:
> All of these assume I had the ability to gain root access of the machine that
> the victim is logged into. So shock horror, it's possible for a system admin
> to access my files/session.

Just to state it clearly (as the victim is logged into two machines,
his local one and the remote one he connects to using "ssh -X"):
Root is needed only on the remote machine.

Do you feel it's normal and that everyone is aware(!) that anyone being root
(by admin role or by exploit) on a remote machine I "ssh -X" into can
do arbitrary things to my *local* X server (keyloggers and faked password
dialogs come to mind)? Why should a remote admin have the right to open
windows on my local machine? Ok, you could say I allowed him to do that
by specifying that very "-X" option.

I think the warning is justified. It may be a bit off-topic on a
KDE-specific list though.

Christian.