Re: Disabling X server access control

From: Thorsten Küfer (thorsten.kuefer_at_uni-muenster.de)
Date: 01/12/05

  • Next message: Gandalf Parker: "Re: Compromised user account, consequences?"
    Date: Wed, 12 Jan 2005 09:27:33 +0100
    
    

    Menno Duursma wrote:
    > On Tue, 11 Jan 2005 16:21:59 +0100, Thorsten Küfer wrote:
    >
    >>I used to disable the access control of the X server with 'xhost +' so that
    >>I can easily connect as root.
    >
    > Better to use XAUTHORITY (and/or forwanding over SSH.)
    >
    >>What possibilities does this provide to other people?
    >
    > Lots ...
    >
    >>If they can connect, can they see my desktop
    >
    > Yes: xwd / xwud
    >
    >>or grap my keyboard?
    >
    > Probably: xspy

    Oh, that's not very calming. What one silly command can do...

    Thank you
    Thorsten


  • Next message: Gandalf Parker: "Re: Compromised user account, consequences?"

    Relevant Pages

    • Re: X11Forwarding, ssh -X, and /bin/su
      ... ]>but I'm not really tunneled using ssh then, ... ]connecting to the X server and have the home directory NFS-mounted ... ](unless you leave root unmapped over NFS, ... ]root-readable place and set the environment $XAUTHORITY variable ...
      (comp.security.ssh)
    • RE: Linux hacked
      ... Also, what exactly did the history file show, can you paste it into a mail ... > First let me say I'm a security novice. ... > been unsuccessful in getting root back. ... > via ssh but you could su in once logged in as one of three users. ...
      (Security-Basics)
    • Re: Linux hacked
      ... To find out what kernel version you are running, type "uname -a" without ... > been unsuccessful in getting root back. ... > via ssh but you could su in once logged in as one of three users. ...
      (Security-Basics)
    • RE: Linux hacked
      ... hack the box, pull the drive and save it. ... Use the newest versions of Gentoo, Apache, SSH, PHP and Squirl Mail. ... been unsuccessful in getting root back. ... I found a hidden directory /var/tmp/.tmp that has a bunch of directories ...
      (Security-Basics)
    • RE: Linux hacked
      ... Was any of the sites running a php nuke or another portal or system that is vuln ... been able to use that with a locla root exploit to gain root on the machine. ... > hack the box, pull the drive and save it. ... > Use the newest versions of Gentoo, Apache, SSH, PHP and Squirl Mail. ...
      (Security-Basics)