Vulnerability Development: RE: Problem with xkill

[Ron DuFresne <dufresne () winternet com>]

But, to get this to work, you first had to take control of the other users
X window display, so the controls must not be strict enough if this
was able to be done.

I think this is what Valdis.Kletnieks was trying to tell you.


Thanks,


Ron DuFresne


On Fri, 22 Mar 2002, anthony gruppuso wrote:

> I understand that, we use a very strict host access control list here on
> all Xserver based devices/products; I just thought it was interesting
> that xkill behaved in that manner.  Initally I was under the impression
> that it would function like a graphical kill, but apparently that is not
> the case.
>
> Anthony (Joe) Gruppuso
>
> -----Original Message-----
> From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu]
> Sent: Friday, March 22, 2002 5:09 PM
> To: Anthony Gruppuso
> Cc: Bugtraq () securityfocus com; vuln-dev () securityfocus com
> Subject: Re: Problem with xkill
>
>
> On Fri, 22 Mar 2002 14:54:03 EST, Anthony Gruppuso said:
>
> > I don't know what possesed me to try this, but under Digital UNIX 5.0,
> > as a normal user, I was able to set my DISPLAY to the IP address of
> > another user who was running a seperate session, and run xkill.
> xkill (like any other X client) uses the standard X access control
> scheme.
>
> Most likely, the other user had done an 'xhost +' or 'xhost +yourhost'.
>
> That's why xauth and friends exist, to stop games like this...
>
> --
>                               Valdis Kletnieks
>                               Computer Systems Senior Engineer
>                               Virginia Tech
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.