On Wed, Jan 18, 2006 at 10:15:57PM -0500, [EMAIL PROTECTED] wrote: > I've been told that if a process has a window on an X server, it can > create fake events on any of the windows on the X server. This was, > ages ago, a building block for various nice user interfaces, decades > before anybody was serious about computer security. So an open root > window wound be easy prey for any stray process that managed to put > anything on your screen. > > Anybody know how true this is?
It's true. But, if you have a trojan process injecting X events into your X, it could trash all your user's data -- which in my case is more valuable than a root shell on my box (I can unplug the network access and reinstall in an hour: although I'd be very interested to know where such a trojan process came from) -- Jon Dowland http://alcopop.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
