[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-devel
Subject:    Re: setuid/setgid binaries contained in the Debian repository.
From:       Matt Zimmerman <mdz () debian ! org>
Date:       2003-08-19 15:01:35
[Download RAW message or body]

On Tue, Aug 19, 2003 at 01:14:33AM +0300, Richard Braakman wrote:

> This might be true for text-based games, though even they could reprogram
> the terminal in nasty ways.  Games that use X11, however, will need
> access to the user's X session, and that basically gives them free
> reign.  They'll be able to do fun things like listen to keypress events
> or paste text into an open xterm.
> 
> If you do find a way to run graphical games in a separate uid, then let
> me know -- I'll want to use that for my web browser :-)

xauth -f someplace-else generate $DISPLAY . untrusted

It breaks some applications, though.

-- 
 - mdz


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

[prev in list] [next in list] [prev in thread] [next in thread]