Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: bug in xauth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bug in xauth

Subject: Re: bug in xauth
From: Allen Bennett <email@hidden>
Date: Fri, 24 Aug 2012 16:06:03 -0400

I think you miss the point of Rich. He doesn't intend to actually log in as "root" he plans to sudo. So, as long as he is an sudoer on the machine he is logging on to,he will be able to do so over ssh. how would X11 stop him once he has acquired root privileges though sudo?
-Allen Bennett

< Too many fundamentalist Christians, not enough lions.>




On Aug 24, 2012, at 1:44 PM, Jeremy Huddleston Sequoia <email@hidden> wrote:

>> Very good point, thanks!!!  Unless your X server does not accept connections over the network, or there are other mitigations in place!  X11 == "security hole" it's true.
>
> Right, which is why those vulnerability points are disabled by default in XQuartz.

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list      (email@hidden)

This email sent to email@hidden

Follow-Ups:
- Re: bug in xauth
  - From: Brandon Allbery <email@hidden>

References:
	>bug in xauth (From: "Cook, Rich" <email@hidden>)
	>Re: bug in xauth (From: Jeremy Huddleston Sequoia <email@hidden>)
	>Re: bug in xauth (From: "Cook, Rich" <email@hidden>)
	>Re: bug in xauth (From: Jeremy Huddleston Sequoia <email@hidden>)
	>Re: bug in xauth (From: "Cook, Rich" <email@hidden>)
	>Re: bug in xauth (From: Brandon Allbery <email@hidden>)
	>Re: bug in xauth (From: "Cook, Rich" <email@hidden>)
	>Re: bug in xauth (From: Jeremy Huddleston Sequoia <email@hidden>)

Prev by Date: Re: bug in xauth
Next by Date: Re: bug in xauth
Previous by thread: Re: bug in xauth
Next by thread: Re: bug in xauth
Index(es):
- Date
- Thread