On Montag, 31. März 2014 00:36:29 CEST, Thiago Macieira wrote:
They can already access all of the other applications
depends on whether they actively suppress such.
and the user's files.
true.
They can attach gdb to any of the user processes.
"depends on whether they actively suppress such."
They can listen to all messages on D-Bus.
They can attach to any IPC mechanism the user has access
to.
True.
Question is whether applications expose secrets or access to other
shells/services via dbus.
Ie. can you highjack an open ssl connection, control banking software etc.
They can also launch [...] a keylogger
True and if you enter a password into anything that does not grab the keyboard,
this is a general issue of X11 (and if you've physical access to the machine,
that doesn't matter either, because you can add a cronjob/service to track the
device nodes)
Leaving access to an open shell is certainly bad enough - beyond question.
The question is whether gaining direct access to a running session and random
open clients (and leaving the stage untraced) is more valuable and thus worth
pretection.
----
And, oh, the attacker can change the user's password!
Errhemmm... Without providing the present one?
/That/ trick you gotta show me. =)
Cheers,
Thomas