was _too_ strong. Yeah, that makes sense, but it was presented to me on such a wide scale,
that it didn't make sense to me. Would it be correct this this is about as severe,
as have a root user at all. (Because the root password could be set to empty and them /proc/mem used
to intercept other programs). An issue, but a manageable one (use a real password).
Philip Thiem
--On Monday, October 04, 2004 05:37:26 PM -0700 Dale Southard <[EMAIL PROTECTED]> wrote:
Philip Thiem <[EMAIL PROTECTED]> writes:
Recently a friend made the assertion that I want to get some feed back on:
"if you connect to an x server you have access to the protocol stream of any other user also connected to it"
I believe that this is more or less correct.
If you can connect to an X11 server, you can use either the RECORD, XTrap, or DEC-XTrap extensions to access the protocol stream. You can also take control of input devices using XTEST. There are some limits (eg, I think openGL/GLX stuff that goes through DRI won't get posted).
--
/* Dale Southard Jr. [EMAIL PROTECTED] 925-422-1463 fax 422-9429 */ /* Computer Scientist, Advanced Simulation and Computing Program */ /* L-073, Lawrence Livermore National Lab, Livermore CA 94551 */
Philip Thiem -- Icequake.net Administrator Isn't it obvious lumberjacks love traffic lights? GPG Pub Key Archived at wwwkeys.us.pgp.net
pgphMfUz30SAp.pgp
Description: PGP signature
