But, to get this to work, you first had to take control of the other users X window display, so the controls must not be strict enough if this was able to be done. I think this is what Valdis.Kletnieks was trying to tell you. Thanks, Ron DuFresne On Fri, 22 Mar 2002, anthony gruppuso wrote: > I understand that, we use a very strict host access control list here on > all Xserver based devices/products; I just thought it was interesting > that xkill behaved in that manner. Initally I was under the impression > that it would function like a graphical kill, but apparently that is not > the case. > > Anthony (Joe) Gruppuso > > -----Original Message----- > From: Valdis.Kletnieksat_private [mailto:Valdis.Kletnieksat_private] > Sent: Friday, March 22, 2002 5:09 PM > To: Anthony Gruppuso > Cc: Bugtraqat_private; vuln-devat_private > Subject: Re: Problem with xkill > > > On Fri, 22 Mar 2002 14:54:03 EST, Anthony Gruppuso said: > > > I don't know what possesed me to try this, but under Digital UNIX 5.0, > > as a normal user, I was able to set my DISPLAY to the IP address of > > another user who was running a seperate session, and run xkill. > > xkill (like any other X client) uses the standard X access control > scheme. > > Most likely, the other user had done an 'xhost +' or 'xhost +yourhost'. > > That's why xauth and friends exist, to stop games like this... > > -- > Valdis Kletnieks > Computer Systems Senior Engineer > Virginia Tech > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
This archive was generated by hypermail 2b30 : Fri Mar 22 2002 - 20:35:17 PST