xorg-server setuid -- denial of service attack
C-S
c-s at c-s.li
Sat Sep 17 23:24:21 UTC 2011
Today, I discovered by accident that having setuid option set on
xorg-server -- which is the default option -- may be dangerous. (I guess
you all knew that already :-).
Another logged in user "killed" my screen by typing:
X :1
After turning setuid off, this denial of service attack was not possible
anymore. To be honest, I was really surprised that a regular user with
no special permissions can disrupt other people's x11 sessions that
easily.
Although, let me be precise here. It seems to be that he actually opened
another X11 session (which is the idea of this command I guess).
However, none of those sessions were displayed anymore on the screen.
Am I missing anything in my security configuration? What do you think?
Cheers,
Carlo
More information about the freebsd-x11
mailing list