Joe Kisela on 19 Aug 2010 10:38:51 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[PLUG] X11 security

  • From: Joe Kisela <jkisela@gmail.com>
  • To: plug@lists.phillylinux.org
  • Subject: [PLUG] X11 security
  • Date: Thu, 19 Aug 2010 13:38:46 -0400
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=6f/5U0rs/YqmUC0mJV8B4Ih1Ub8/wnK7+mQkMXyw6Ik=; b=vN566wrPAav925/iMpNLCKWN0IN6IcA1R33VjkJoZNKngTV0o8H94A+dflCXWAVsYZ Rjm4nppPjiRfeCTOoXmzjX7lZPLklFtMBBxbaSvV7HVVFdciWGulgXqRlHcunA0JbjIp xosnIvur0IikWxGWPAOHKNRInme1KOK91ctS4=
  • Reply-to: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
  • Sender: plug-bounces@lists.phillylinux.org

@Jason Stelzer

Ok, I'll take a look at that PDF, thanks.

X11 is by default a very scary insecure implementation, once you have a client program drawing on the server, it has access to EVERY X11 atom.  Thus the MIT magic cookie, and I will assume that the -Y takes this further.

Again, thanks for the PDF

-joe.
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug