From kde-devel  Tue Dec 27 20:35:28 2005
From: Dave Feustel <dfeustel () mindspring ! com>
Date: Tue, 27 Dec 2005 20:35:28 +0000
To: kde-devel
Subject: Re: One Way to Increase KDE security
Message-Id: <200512271535.28847.dfeustel () mindspring ! com>
X-MARC-Message: https://marc.info/?l=kde-devel&m=113572071309786

On Tuesday 27 December 2005 14:24, Guillaume Laurent wrote:
> On Tuesday 27 December 2005 20:06, Dave Feustel wrote:
> >
> > I had the feeling that I was being toyed with and that I was *supposed* to
> > notice the changes. I consider it quite possible that my system is rooted
> > and the rooter is concealing well the fact that he actually has root
> > access. On the other hand, this is OpenBSD, not Linux, so maybe the
> > intruder only has access to my computer via Xorg to an Xsession. It's an
> > open question right now.
> 
> Uh, hello ? Unless your machine is exposing all its IP ports to the Net and 
> you've disabled X access control, to gain access to X the intruder would have 
> to gain access to the machine itself first, and then he wouldn't care about X 
> very much, because since you said it's a single-user system, the only two 
> kind of accesses he could have would either be your normal user (in which 
> case running a X spying client is trivial), or root (in which case he has 
> full access to your machine anyway).
> 
> Forgive me for being blunt, but you sound like you have no idea whatsoever on 
> how that hypothetical intruder could ever have gained access to your machine, 

more true than false right now. I'm working on it.

> nor about computer security in general.

I presume you're not reading this email then.
> 

-- 
Lose, v., experience a loss, get rid of, "lose the weight"
Loose, adj., not tight, let go, free, "loose clothing"
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<