--===============1030245597==
Content-Type: multipart/signed;
boundary="nextPart1391316.4GzJqDJ4XN";
protocol="application/pgp-signature";
micalg=pgp-sha1
Content-Transfer-Encoding: 7bit

--nextPart1391316.4GzJqDJ4XN
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

Am Sonntag, 12. Februar 2006 13:34 schrieben Sie:
> On Sunday 12 February 2006 07:12, Christian Mueller wrote:


> > These are no exploits. The articles you linked to are applications=20
> > of the way security works (or doesn't work) on Unixoid systems / X11. =

=20
> > They describe what root can do in such an environment. That's=20
> > what a cracker could do *after* using an exploit to gain root=20
> > privileges.

>=20
> Sorry. These programs run as normal users, not as root.



Please explain. I haven't seen anything like that in the articles.=20

=46or example the instructions in=20
http://www.hackinglinuxexposed.com/a...040608.html=20
start with the words: =20

"First, log into the victim's desktop, __become root__, and set up your=20
environment to access his X11 server" (emphasis added)


Christian.


--nextPart1391316.4GzJqDJ4XN
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQBD7y3rdKozh3+HUO4RAhk4AKDJbbn26T95j8XSZlWuMy RoKYUvIgCgsca9
9eLsPAnEDOAW7MC35+orYq0=
=auA0
-----END PGP SIGNATURE-----

--nextPart1391316.4GzJqDJ4XN--

--===============1030245597==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<


--===============1030245597==--