Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 2 Feb 2010 16:29:37 +0000
From:      Anon <anon@elhacker.net>
To:        freebsd-x11@freebsd.org
Subject:   ffmpeg can record the display of any user
Message-ID:  <619714181002020829u79e34c50ld59e148e5e3dfb3e@mail.gmail.com>
In-Reply-To: <6AB239B3-F2F3-4DD7-A2FD-F2C40FB7A34A@elvandar.org>
References:  <619714181002010849w4641fbb3lc696b966802c8f4d@mail.gmail.com> <6AB239B3-F2F3-4DD7-A2FD-F2C40FB7A34A@elvandar.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
I forwarded the email, the above suggestion.

I think that if is a problem that must be solved

example
ffmpeg -f x11grab -r 30 -sameq -s 854x480 -i :0.0 archivo.avi

I created a user with limited privileges and can still be recording the
display of root or another user.

- Anon



---------- Forwarded message ----------
From: Remko Lodder <remko@elvandar.org>
Date: Mon, Feb 1, 2010 at 7:20 PM
Subject: Re: ffmpeg can record the display of any user
To: Anon <anon@elhacker.net>
Cc: secteam@freebsd.org



On Feb 1, 2010, at 5:49 PM, Anon wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I do not know where the problem, however any user can record the
> display using ffmpeg
>
> example:
> ffmpeg -f x11grab -r 30 -sameq -s 854x480 -i :0.0 archivo.avi
>
> I created a user with limited privileges and can still be recording
> the display of root or another user.
>


Dear Anon,

We have received your message. However I do not feel this is a security
issue
within FreeBSD. X, where the display is being set, is reponsible for sharing
the
desktop etc. ffmpeg is an additional third party port that has access to
this.

It might be best to ask around on the ports@ mailinglist or even x11@ (might
be better now that I think of it) on how to tune down display access from
local users.

Cheers and thanks for trying to help and make FreeBSD better, it's
appreciated!

--
/"\   Best regards,                        | remko@FreeBSD.org
\ /   Remko Lodder                      | remko@EFnet
X    http://www.evilcoder.org/    |
/ \   ASCII Ribbon Campaign    | Against HTML Mail and News

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?619714181002020829u79e34c50ld59e148e5e3dfb3e>