From owner-freebsd-security  Tue Sep 15 23:05:09 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA07698
          for freebsd-security-outgoing; Tue, 15 Sep 1998 23:05:09 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from rover.village.org (rover.village.org [204.144.255.49])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id XAA07687
          for <freebsd-security@freebsd.org>; Tue, 15 Sep 1998 23:05:04 -0700 (PDT)
          (envelope-from imp@village.org)
Received: from harmony [10.0.0.6] 
	by rover.village.org with esmtp (Exim 1.71 #1)
	id 0zJAhi-0002bU-00; Wed, 16 Sep 1998 00:04:38 -0600
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.1/8.8.3) with ESMTP id AAA04664; Wed, 16 Sep 1998 00:05:34 -0600 (MDT)
Message-Id: <199809160605.AAA04664@harmony.village.org>
To: rotel@indigo.ie
Subject: Re: X Security (was: Re: Err.. cat exploit.. (!)) 
Cc: freebsd-security@FreeBSD.ORG
In-reply-to: Your message of "Tue, 15 Sep 1998 22:25:03 -0000."
		<199809152125.WAA01218@indigo.ie> 
References: <199809152125.WAA01218@indigo.ie>  
Date: Wed, 16 Sep 1998 00:05:34 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <199809152125.WAA01218@indigo.ie> Niall Smart writes:
: Actually, xterm will not accept synthetically generated keystrokes
: from XSendEvent by default, but there is nothing stopping someone
: from capturing keystrokes and other events.  This is a pretty
: pedantic point, anyone using xhost to manage X security deserves
: to get stung.

But it will accept keystrokes generated from XTEST by default.  I have
a newton keyboard I use with my libretto which uses this feature.  It
would appear that the keystroke program even works with a remote
display I can connect to, which is both way cool, and a possible
nightmare from a security point of view.  XTEST even supports mouse
movements and clicking, which I plan to add to the newton keyboard
just as soon as I find a way of faking mice that I like.  There are
serveral X extensions that can be used here that are compiled into
XFree86 by default.  I think they are XInputExtension, XKEYBOARD and
XTEST, but I'm not sure about XKEYBOARD.

There is even a RECORD extension listed on my xdpyinfo output that
looks like it could be very interesting indeed.

X security is less like swiss cheeze, and more like chicken wire if
you are just using xhost for your security.

Warner

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message