So, if I ssh into a system and have X-forwarding for the session, anything including my initial [bash or other] shell could be logging my local keystrokes, even in other windows? (assuming the shell binary was modified to log such events) They can only get X events, though, so they don't get keystrokes that go to a non-X session like one of the text terminals -- is that correct?
If this is true, I think we'll all be more wary of logging in to others' systems... I'm also curious about what signals are remotely visible when the local X system, being ssh'ed *from*, is a cygwin/X system. Furthermore, what about a cygwin/X running inside wine or vmware? Is the sniffing potential limited to cygwin's X session, or would it inherit access through the hosting OS's desktop (in the case of cygwin on wine or vmware)?

ever-so-curious,

   Ben

On Thu, 29 Jan 2004 22:02:06 -0800 Bob Miller <[EMAIL PROTECTED]> wrote:

| Ben Barrett wrote:
|
| > 1. I never realized that 'xkill' could pass the appropriate signals
| > through a remote Xwindows connection, which in my case was
| > SSH-tunnelled. If anyone has explored this or knows more, I'm very
| > curious, about the security implications, for instance; what can you
| > tell me? Example: you log your buddy into their remote account as
| > they borrow your system momentarily, they do their stuff, but could
| > easily (accidentally or otherwise) kill anything on your desktop, or
| > possibly the entire session(?). I know they could close anything,
| > having physical access, but I feel like I'm not getting the whole
| > picture.
|
| X is a network-transparent window system. That means that it doesn't
| matter whether there is a network between the client and the server.
| The client has exactly the same privileges and capabilities in either
| case. There is at least one exception in the X11 protocol, the one
| that I can remember is that the "xhost" command only works through a
| local connection. But you can do nearly everything remotely that you
| can do locally. Linux Terminal Servers rely on that.
|
| Some of the things a client (any client) can do include: reading any
| part of the screen or offscreen pixmaps, reading or changing any
| window's properties, and reading events from the mouse and keyboard
| (e.g., keystroke logging).
|
| I'm sure you can see what the security implications are -- if you're
| going to run an X client on a host, your workstation, and other hosts
| that also run X clients on it, are no more secure than that host.
|

(thanks Bob!!)

_______________________________________________
EuG-LUG mailing list
[EMAIL PROTECTED]
http://mailman.efn.org/cgi-bin/listinfo/eug-lug
