Date: Fri, 7 Mar 1997 08:44:01 +0200 (EET) From: Seppo Kallio <kallio@cc.jyu.fi> To: freebsd-security@freebsd.org Subject: XFree86 + startx Message-ID: <Pine.LNX.3.95.970307083250.30773e-100000@itu.cc.jyu.fi> In-Reply-To: <331ED3ED.4950@fasts.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Is this a known bug/feature:
We have some FreeBSD + Linux workstations running FreeBSD 2.2 and Linux
RedHat 4.1.
I think both have same security problem in XFree:
First, asume one logins on the console into the workstation in ascii mode
(not using xdm) and then startx X by giving startx command. Second after
that someone is making remote login (telnet or rlogin) to the same
workstation.
Now the last one can use the screen as he/she likes by defining setenv
DISPLAY nodename:0.0 (or maybe even setenv DISPLAY :0.0). The user can spy
all keystrokes, see full screen etc. If the first user types passwds etc.
the second can see them.
We have corrected this by adding X authorization to the startx script:
1. about at line #23: serverargs="-auth $HOME/.Xauthority"
(was serverargs="")
2. add before xinit start:
xauth add :0 . `mcookie`
xauth add `hostname`:0 . `mcookie`
(3. xinit can be started using exec)
Seppo Kallio kallio@cc.jyu.fi
Computing Center Fax +358-14-603611
U of Jyväskylä 62.14N 25.44E
PL 35, 40351 Jyväskylä, Finland http://www.jyu.fi/~kallio
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.95.970307083250.30773e-100000>