--- Anthony Gruppuso <AGruppusat_private> a écrit : > but what amazed me, was the my xkill process, as a > normal user, was able to kill a process that did not belong to me. As others have already told you, xkill does not kill the process, it just shuts down the connection between the client and the X server. > if the xkill binary was setuid root, but it was not. You miss something fundamental here: X is a _network_ protocol. That you are root, administrator or whoever on your machine does not mean anything to the remote X server. > This is definatley not a good 'feature.' :) Yes it is. You should control access to your X server with xhost, xauth, and options like -nolistentcp Otherwise, worse things could happen like somebody grabing your passwords. ___________________________________________________________ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com
This archive was generated by hypermail 2b30 : Sat Mar 23 2002 - 10:04:06 PST