On 07/03/2017 10:41 PM, Antoine Martin wrote:
Hi,
I've just come across this easy DoS with twm and
X.Org X Server 1.19.3 from Fedora 26.
Steps:
/usr/libexec/Xorg -noreset -novtswitch -config /etc/xpra/xorg.conf :10&
#verify we can access the display:
DISPLAY=:10 xprop -root
#start xterm so we have a window, then twm:
DISPLAY=:10 xterm&
DISPLAY=:10 twm&
#now click on the title bar of the xterm:
DISPLAY=:10 xdotool mousemove 90 10 mousedown 1
#and now the X11 server is inaccessible:
DISPLAY=:10 xprop -root
Isn't this just twm grabbing the server? If you can connect to the
server to launch twm, you can also just call XGrabServer() and not let go.
Cheers
Antoine
PS: the xorg.conf to use for the dummy driver can be found here:
http://xpra.org/trac/browser/xpra/tags/v2.0.x/src/etc/xpra/xorg.conf
_______________________________________________
[email protected]: X.Org development
Archives: http://lists.x.org/archives/xorg-devel
Info: https://lists.x.org/mailman/listinfo/xorg-devel
