urxvt synthetic events - security hole?
Benjamin R. Haskell
rxvt-unicode at benizi.com
Thu Jul 15 13:29:35 CEST 2010
On Thu, 15 Jul 2010, Ben Price wrote:
> On Thu, Jul 15, 2010 at 02:09:23AM +0200, Marc Lehmann wrote:
> > Accepting synthetic events is, of course, not a security hole.
>
> Perhaps I am confused, but wouldn't this mean any program could run
> arbitary commands via urxvt? Obviously this wouldn't normally be a
> problem, but what about if I had a ``su'' session open? This would (I
> think) allow arbitary commands to be run as root.
Due to the way X11 works, if a process has the ability to generate
synthetic X11 events, you're already screwed. Via the Cygwin FAQ entry
on X11 forwarding[1], I found a broken link to the NSA's SELinux group's
explanation of the core problem (correct link: [2]):
"""
The X protocol for graphical applications was not designed with security
as a major concern. The X server applies limits to initial connections
from clients, but does not limit actions of connected clients. Any
client on the system can read the state of any objects in the server,
can receive and monitor any and all input, and can manipulate any
window.
"""
--
Best,
Ben
[1] Cygwin FAQ on X11 forwarding
http://cygwin.com/ml/cygwin-xfree/2008-11/msg00154.html
[2] SELinux requirements for securing X11
http://www.nsa.gov/research/_files/selinux/papers/x11/x93.shtml
More information about the rxvt-unicode
mailing list