[651] in bugtraq
X security, again
daemon@ATHENA.MIT.EDU (der Mouse)
Tue Jan 17 16:15:55 1995
Date: Tue, 17 Jan 1995 14:31:00 -0500
From: der Mouse <mouse@Collatz.McRCIM.McGill.EDU>
To: bugtraq@fc.net
After all the talk about X security, including me saying how xconns
could be souped up to be reasonably useful, I decided to _do_ something
instead of just talk.
I now have a program that behaves superficially like xconns, but with
some significant differences:
- It uses RFC931 to display usernames, when the client host supports
RFC931.
- It allows the user to freeze (and unfreeze) connections, or kill
them, independent of the client, and very importantly independent of
the server. The KillClient request can be used to forcibly
disconnect a client from the server, but only if the client has
created a resource, which (for example) neither xkey nor xcrowbar
does.
- It monitors the connection, and if it sees certain dubious requests
(currently configurable only by hacking on the source), it pops up a
little menu with which the user can allow the request, have it
replaced with a NoOperation request, or kill the connection. The
dubious requests are, at present, requests to change the host access
list, requests to enable or disable access control, and
ChangeWindowAttributes requests operating on non-root windows not
created by the same client.
There is much that it doesn't do but perhaps should. More operations
should be considered "dubious" (eg, DestroyWindow on others' windows)
and it would be nice to be able to configure access control and levels
of trust somehow. Consider this proof-of-concept, if you will. :-)
This program is up for anonymous ftp from collatz.mcrcim.mcgill.edu, in
/X/xc.c (please ask for xc.c.gz if you have gunzip - be kind to my poor
netlink). There is currently no documentation aside from what I've
written above; once I get some written I'll drop it in as xc.doc.
der Mouse
mouse@collatz.mcrcim.mcgill.edu
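As an added example (this is not der Mouse's xc.c, which the post only points to by ftp), here is the request-inspection core of such a proxy in Python: it splits the client-to-server byte stream into X requests, flags the three request types the post calls dubious, and rewrites a flagged request as a same-length NoOperation. Opcodes are those of the X11 core protocol; the resource id base/mask and root window ids are assumed to have been read from the server's setup reply, and the socket relay and RFC931 lookup are left out.

```python
import struct
# Core X11 request opcodes, as numbered in the X Window System Protocol spec.
CHANGE_WINDOW_ATTRIBUTES, CHANGE_HOSTS, SET_ACCESS_CONTROL, NO_OPERATION = 2, 109, 111, 127

class RequestFilter:
    """Inspects the client->server half of a proxied X connection. setup_byte is the
    first byte the client sent (0x6c 'l' = LSB first, 0x42 'B' = MSB first); resource
    base/mask and root window ids come from the server's setup reply (assumed known)."""
    def __init__(self, setup_byte, resource_base, resource_mask, roots):
        self.bo = "<" if setup_byte == 0x6C else ">"
        self.base, self.mask, self.roots = resource_base, resource_mask, set(roots)

    def request_length(self, req):
        # Request header: opcode, one data byte, length in 4-byte units (header included).
        return struct.unpack(self.bo + "H", req[2:4])[0] * 4

    def is_dubious(self, req):
        opcode = req[0]
        if opcode in (CHANGE_HOSTS, SET_ACCESS_CONTROL):
            return True  # edits the host access list or toggles access control
        if opcode == CHANGE_WINDOW_ATTRIBUTES:
            wid = struct.unpack(self.bo + "I", req[4:8])[0]
            # An XID was allocated by this client iff (xid & ~mask) == base.
            return wid not in self.roots and (wid & ~self.mask) != self.base
        return False

    def neuter(self, req):
        # NoOperation accepts any length, so size and sequence numbering are preserved.
        return bytes([NO_OPERATION, 0]) + req[2:]

    def filter_stream(self, buf, decide):
        """Split buf into whole requests; decide(req) -> 'allow' | 'noop' | 'kill' is
        asked about each dubious one. Returns (bytes to forward, unconsumed tail, killed)."""
        out = bytearray()
        while len(buf) >= 4:
            n = self.request_length(buf)
            if n == 0:  # BIG-REQUESTS extended-length form: unparsed here, so fail closed
                return bytes(out), b"", True
            if len(buf) < n:  # wait for the rest of this request
                break
            req, buf = buf[:n], buf[n:]
            if self.is_dubious(req):
                verdict = decide(req)
                if verdict == "kill":
                    return bytes(out), b"", True
                if verdict == "noop":
                    req = self.neuter(req)
            out += req
        return bytes(out), buf, False
```

In a real proxy the `decide` callback is where the post's pop-up menu would go; the constructed requests in the test below use LSB-first byte order.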