[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: kdesu in KRASH
From: Geert Jansen <g.t.jansen () stud ! tue ! nl>
Date: 1999-09-23 12:13:22
[Download RAW message or body]
Dawit Alemayehu wrote:
> Just out of curiousity ... Does anyone know in what sense the current kfmsu2
> script is insecure i.e. what its vulernability is ?
On a multiuser machine, giving local clients access means giving all
local users access to the X display. This is dangerous, for example you
could request all key events thereby sniffing root's terminal.
Greetings,
--
Geert Jansen email: <g.t.jansen at stud.tue.nl>
Phylosopher, Physicist PGP key ID: 0xD2B5E7CE
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic