[8398] in bugtraq

home help back first fref pref prev next nref lref last post

Re: X11 cookie hijacker

daemon@ATHENA.MIT.EDU (Alan Cox)
Wed Nov 4 14:12:55 1998

Date: 	Wed, 4 Nov 1998 02:53:29 +0000
Reply-To: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
X-To:         dawes@XFREE86.ORG
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19981103181354.L6133@rf900.physics.usyd.edu.au> from "David
              Dawes" at Nov 3, 98 06:13:54 pm

> Both of these require all X servers (and servers for the other services
> you mention later) run with sufficient privileges).  The first opens up
> a DoS for servers that don't have sufficient privileges.  XFree86, for
> example, ships with three "servers" that are not normally run with
> sufficient privileges (lbxproxy, Xnest, Xvfb).

I'd rather have my Xservers setgid X11 than totally insecure. There are
neat Linux solutions with the non fs name space but setgid X11 appears to
be the requirement for safe server side creation.

Is setgid X11 a problem, given the worst gaining it can do is to leave you
back where we are right now ?

home help back first fref pref prev next nref lref last post