VT (Virtual Terminal) security
Assuming user Joe logged in in VT1, then started an X session (startx) which runs in VT7. Now the physical user switches to VT2 (Ctrl-Alt-F2) and logs in as root.
Can a malicious program running in X / VT7 with uid=Joe access anything in VT2? More precisely, can the malicious program spy on or spoof keystrokes? Can it grab some VT2 content (e.g. get a screenshot)?
(I am running Slackware 14 with the regular kernel, if this makes any difference.)
TIA
Phil
Root is all-powerful, is your answer.
He asked if Joe from VT1 can spy on root on VT2. I think that if everything is properly configured (for example CTRL+ALT+F* in the X server is not disabled by the administrator) then not. But I am not a hacker.
For example, to access another X session (screen, key activity) you need to know the Magic Cookie stored in the home directory of the user who started the session, which is protected.
(assuming that this program cannot su or sudo to become root)
So, is there any known way for a malicious (unprivileged) program to abuse X APIs, and get access to another VT's content or input stream? I tried to google about this but to no avail. Does an X expert here know better?
Thanks for your help
Phil
Attempting to access another process's address space, even when the users are the same, will not work for a start.
Can X see input devices while it is not the controlling terminal? I couldn't say.
I have read (https://wiki.ubuntu.com/X/Rootless) that X can be run as a non-root user (=> no more need to suid X) which would be good... but the recipe includes giving rw access to /dev/input/* to at least the user, which seems to introduce a bigger risk (maybe a user program could then spy on _any_ input?!?).
Has anyone run X as a non-root user? I wonder if it is not more systematically set up that way because (a) it doesn't work with non-KMS drivers, (b) it is more complex to set up for a small perceived benefit, or (c) because it is simply less secure than running X as suid root? What do you think?
Phil
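An added example, not part of any post in this thread: a Python audit of the device nodes the questions above turn on (raw input events, VT ttys and the /dev/vcs* screen devices), listing which ones a given account can open by mode bits alone. The account name joe and the glob list are assumptions; ACLs and capabilities are not checked.

```python
import glob, grp, os, pwd, stat, sys

def can_access(st, uid, gids, want_write=False):
    """True if the classic mode bits in `st` grant uid/gids read (or write).
    Mirrors the kernel's owner -> group -> other order; ACLs and
    capabilities are NOT considered."""
    if uid == 0:
        return True
    if st.st_uid == uid:
        r, w = stat.S_IRUSR, stat.S_IWUSR
    elif st.st_gid in gids:
        r, w = stat.S_IRGRP, stat.S_IWGRP
    else:
        r, w = stat.S_IROTH, stat.S_IWOTH
    return bool(st.st_mode & (w if want_write else r))

def audit(paths, uid, gids):
    """Return (path, mode string, readable, writable) for every path the
    given identity can open."""
    findings = []
    for path in paths:
        try:
            st = os.stat(path)
        except OSError:
            continue  # node vanished or cannot be stat-ed; nothing to report
        r = can_access(st, uid, gids)
        w = can_access(st, uid, gids, want_write=True)
        if r or w:
            findings.append((path, stat.filemode(st.st_mode), r, w))
    return findings

def user_ids(name):
    """uid plus primary and supplementary gids of a local account."""
    pw = pwd.getpwnam(name)
    extra = {g.gr_gid for g in grp.getgrall() if name in g.gr_mem}
    return pw.pw_uid, {pw.pw_gid} | extra

# Device classes raised in the thread: raw input events, VT ttys, VT screen memory.
TARGETS = ("/dev/input/event*", "/dev/input/mice", "/dev/tty[0-9]*", "/dev/vcs*")

if __name__ == "__main__":
    user = sys.argv[1] if len(sys.argv) > 1 else "joe"  # placeholder account name
    uid, gids = user_ids(user)
    nodes = sorted(p for pat in TARGETS for p in glob.glob(pat))
    for path, mode, r, w in audit(nodes, uid, gids):
        print(f"{path}  {mode}  read={r} write={w}")
```

The user's own login tty is expected in the output; entries under /dev/input or /dev/vcs* are the ones that correspond to the rootless-X concern raised above.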