Re: (PC video card memory aperture !=0) =OS Rootability?
On Monday 01 May 2006 21:00, mcb, inc. wrote:
> On Mon, 1 May 2006, Dave Feustel wrote:
>> Below is a comment about X-Windows security sent to me by a person
>> with a lot of experience in computer security:
>> ===
>> Dave,
>> X-Windows has been known to be insecure for some time. That is to say
>> it can be hacked.
>
> This is true but doesn't enumerate the attack vectors and their
> defenses. It's just a sweeping statement that sounds impressive to
> children and maiden aunts.

Read this and then get back to me.

http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf

Re: (PC video card memory aperture !=0) =OS Rootability?
Dave Feustel pointed to
http://www.ssi.gouv.fr/fr/sciences/fichiers/lti/cansecwest2006-duflot-paper.pdf
as an example of "X-Windows has been known to be insecure for some time."

A brief perusal of the paper shows that it describes a way for the *superuser* to circumvent securelevel restrictions. This is interesting, but
(a) it describes an attack by a malicious *superuser*, and
(b) it describes an attack by a malicious person who *already* has an account on the machine under attack.

(a) in particular makes this of more academic than practical concern -- a malicious superuser has about 6.02e23 different ways to take over the system, so adding one more is of little interest.

This attack is trivially preventable by not allowing malicious persons to become superuser in the first place, indeed by not giving them logins.

ciao,

--
-- Jonathan Thornburg -- remove -animal to reply [EMAIL PROTECTED]
   Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut),
   Golm, Germany, Old Europe http://www.aei.mpg.de/~jthorn/home.html
   Washing one's hands of the conflict between the powerful and the
   powerless means to side with the powerful, not to be neutral.
   -- quote by Freire / poster by Oxfam

Re: (PC video card memory aperture !=0) =OS Rootability?
Below is a comment about X-Windows security sent to me by a person with a lot of experience in computer security:

===
Dave,

X-Windows has been known to be insecure for some time. That is to say it can be hacked. Now you could get the code and change the sockets that are used or require authentication of every communication. But this would slow it down. You might also have virtual x-windows where you use 127.0.0.x as the endpoint and refuse to allow non-local connections.

Would implementing virtual x-windows as this person describes above solve the X-Windows security problem on OpenBSD?

Thanks
Dave Feustel

Re: (PC video card memory aperture !=0) =OS Rootability?
On May 1, 2006, at 9:57 AM, Dave Feustel wrote:
> Below is a comment about X-Windows security sent to me by a person
> with a lot of experience in computer security:
> ===
> Dave,
> X-Windows has been known to be insecure for some time. That is to say
> it can be hacked. Now you could get the code and change the sockets
> that are used or require authentication of every communication. But
> this would slow it down. You might also have virtual x-windows where
> you use 127.0.0.x as the endpoint and refuse to allow non-local
> connections.
>
> Would implementing virtual x-windows as this person describes above
> solve the X-Windows security problem on OpenBSD?

Why don't you try it and let us all know? Quit waiting on someone else to test your weekly exploits.

--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net