[8406] in bugtraq
Re: X11 cookie hijacker
daemon@ATHENA.MIT.EDU (Willy TARREAU)
Wed Nov 4 17:42:16 1998
Date: Wed, 4 Nov 1998 09:58:21 +0100
Reply-To: Willy TARREAU <tarreau@AEMIAIF.LIP6.FR>
From: Willy TARREAU <tarreau@AEMIAIF.LIP6.FR>
X-To: peak@kerberos.troja.mff.cuni.cz
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19981102213202.4734.0@kerberos.troja.mff.cuni.cz> from "Pavel
Kankovsky" at Nov 2, 98 11:04:43 pm
> Potential solutions:
>
> - set the sticky bit on /tmp/.X11-unix, make sure the bit stays there
The sticky bit doesn't always prevent some DoS. A few years ago, I used
to reserve a workstation for myself so that nobody else could start X on it;
when no one uses X11 and /tmp/.X11-unix is empty:

    mkdir /tmp/.X11-unix/X0
    touch /tmp/.X11-unix/X0/no-delete
    chmod 0 /tmp/.X11-unix/X0

then it is impossible to create the socket X0, because of the X0 directory
which is undeletable (not empty). The other solutions you proposed should
work, I think.
>
> --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
> "You can't be truly paranoid unless you're sure they have already got you."
>
>
Willy
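
An added example, not part of the original post: a shell check an administrator could run to spot the condition described in the reply, where the sticky bit is in place but a non-socket entry occupies a display's socket name. The function name audit_x11_dir and the finding labels are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): audit an X11 socket directory.
# Prints one finding per line; returns 0 when clean, 1 when anything is found.
audit_x11_dir() {
    dir=$1
    rc=0

    # The directory itself must be a real directory, not a symlink.
    if [ -L "$dir" ] || [ ! -d "$dir" ]; then
        echo "NOT-A-DIRECTORY $dir"
        return 1
    fi

    # Sticky bit: the mode string from ls ends in t or T when it is set.
    perms=$(ls -ld "$dir" | cut -c1-10)
    case $perms in
        *[tT]) ;;
        *) echo "NO-STICKY-BIT $dir ($perms)"; rc=1 ;;
    esac

    # Every entry should be a socket. A directory or regular file named X0
    # occupies the name the server needs for display :0, and the sticky bit
    # check above does not notice it.
    for entry in "$dir"/* "$dir"/.[!.]*; do
        # Skip glob patterns that matched nothing.
        [ -e "$entry" ] || [ -L "$entry" ] || continue
        if [ -L "$entry" ]; then
            echo "SYMLINK $entry"; rc=1
        elif [ ! -S "$entry" ]; then
            echo "NON-SOCKET $entry"; rc=1
        fi
    done
    return $rc
}

# Usage (path taken from the post):
#   audit_x11_dir /tmp/.X11-unix
```

Run it from a boot script or a periodic job before the X server starts; a NON-SOCKET finding on an otherwise sticky directory is the case the reply describes.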