Subject: Re: suid helper to verify own passwd
To: None <tech-security@netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: tech-security
Date: 12/22/2006 04:36:02

Thor Lancelot Simon wrote:
> On Fri, Dec 22, 2006 at 03:39:00AM +0100, Christian Biere wrote:
> > Matthias Drochner wrote:
> > > One can argue (as does Joerg) that such an attacker could
> > > listen to X11 events carrying the passwd as well, so there
> > > is no additional danger.

> > That's one reason why I prefer the console over X for certain things.

> You understand that an attacker with your UID can simply read from your
> tty, right, since it's a file you can open?  Or, for that matter, from
> the memory image of your process, using ptrace.  The X11 thing is really
> a red herring.

No, it's not a red herring. If I log into a remote host using X11, an
attacker can sniff all X events on the remote machine and possibly even
inject events into terminals I have open locally. That's why I don't like
mixing users under X, and I don't use a window manager when logging into
a machine using X that I don't trust, because that would potentially
allow the remote side to start xterm or whatever on my machine, etc. Of
course, I have to trust my X server not to be exploitable this way.

-- 
Christian