[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: One Way to Increase KDE security
From:       Dave Feustel <dfeustel () mindspring ! com>
Date:       2005-12-27 20:35:28
Message-ID: 200512271535.28847.dfeustel () mindspring ! com
[Download RAW message or body]

On Tuesday 27 December 2005 14:24, Guillaume Laurent wrote:
> On Tuesday 27 December 2005 20:06, Dave Feustel wrote:
> >
> > I had the feeling that I was being toyed with and that I was *supposed* to
> > notice the changes. I consider it quite possible that my system is rooted
> > and the rooter is concealing well the fact that he actually has root
> > access. On the other hand, this is OpenBSD, not Linux, so maybe the
> > intruder only has access to my computer via Xorg to an Xsession. It's an
> > open question right now.
> 
> Uh, hello ? Unless your machine is exposing all its IP ports to the Net and 
> you've disabled X access control, to gain access to X the intruder would have 
> to gain access to the machine itself first, and then he wouldn't care about X 
> very much, because since you said it's a single-user system, the only two 
> kind of accesses he could have would either be your normal user (in which 
> case running a X spying client is trivial), or root (in which case he has 
> full access to your machine anyway).
> 
> Forgive me for being blunt, but you sound like you have no idea whatsoever on 
> how that hypothetical intruder could ever have gained access to your machine, 

more true than false right now. I'm working on it.

> nor about computer security in general.

I presume you're not reading this email then.
> 

-- 
Lose, v., experience a loss, get rid of, "lose the weight"
Loose, adj., not tight, let go, free, "loose clothing"
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]