[10651] in bugtraq
Re: Possible Netscape/Unix (Debian) problem
daemon@ATHENA.MIT.EDU (Andreas Trottmann)
Wed May 26 16:23:27 1999
Mail-Followup-To: Graham Evans <gevans@BESPOKE-CONTINENTAL.CO.UK>,
    BUGTRAQ@netspace.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990526212717.A9305@guardian.aart.ch>
Date: Wed, 26 May 1999 21:27:17 +0200
Reply-To: Andreas Trottmann <andreas.trottmann@WERFT22.COM>
From: Andreas Trottmann <andreas.trottmann@WERFT22.COM>
X-To: Graham Evans <gevans@BESPOKE-CONTINENTAL.CO.UK>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <374B410C.FA3738CA@bespoke-continental.co.uk>; from Graham Evans
    on Wed, May 26, 1999 at 12:32:12AM +0000

On Wed, May 26, 1999 at 12:32:12AM +0000, Graham Evans wrote:
> Take two unix boxes (A and B), on the console of A, run X and allow B to
> access the screen (using the xhost command).
Now you've opened up Pandora's box. B can sniff A's keyboard, "inject"
keystrokes and mouse movements into the input stream and spy on A's
screen. And probably do much more that doesn't come to my mind right now.
It all boils down to "xhost is evil".
> Telnet into B and (after
> setting the DISPLAY env) run netscape.
>
> You now get a copy of netscape running on b (type "file:/etc/hostname"
> in the location bar)
What follows is just an effect of a feature (not a bug!) of Debian's
netscape wrapper script to re-use already running netscape processes. Check
out /usr/X11R6/bin/netscape to see what exactly it does, and you should be
able to duplicate this behaviour on any Unix system.
--
Andreas Trottmann <andreas.trottmann@werft22.com>
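
The message above treats a host-based xhost grant as handing the whole display to the other machine. The following audit of `xhost` output is an added example, not part of the original post or of any Debian script: the function names, the host `hostb.example.com` and the user `alice` are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the lines printed by `xhost` (no arguments) by exposure.
# Reads xhost output on stdin, prints one "LEVEL<TAB>detail" line per finding.
# Exit status: 0 = no host-wide or open grants, 1 = at least one.
audit_xhost() {
    awk '
    /^access control disabled/ {
        print "CRITICAL\taccess control is off, any host can connect"
        bad = 1; next
    }
    /^access control enabled/ { next }
    /^[ \t]*$/ { next }
    # Server-interpreted entry: names a single local account, not a host.
    /^SI:localuser:/ { print "INFO\tsingle local user grant: " $0; next }
    # Non-network local connections: every account on this machine.
    /^LOCAL:/ { print "WARN\tall local users may connect: " $0; bad = 1; next }
    # INET:, INET6: or a bare name (older xhost): every user on that host
    # can read the keyboard and screen and inject input, as the post says.
    { print "WARN\thost-wide grant: " $0; bad = 1 }
    END { exit bad }
    '
}

# Constructed sample: what machine A could print after granting host B access.
sample_after_xhost() {
    printf '%s\n' \
        'access control enabled, only authorized clients can connect' \
        'INET:hostb.example.com' \
        'SI:localuser:alice'
}

# Stand-alone run on the constructed sample.
sample_after_xhost | audit_xhost ||
    echo "Host-based grants found: remove them with 'xhost -name' and use xauth cookies or SSH X11 forwarding."
```

On a live display, run `xhost | audit_xhost` instead of the sample.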