About this list Date view Thread view Subject view Author view Attachment view

From: Jerker Nyberg (jerker_at_update.uu.se)
Date: Sun 02 Nov 2003 - 13:37:15 GMT


Hello,

The easy answer is not to let untrusted applications connect to your
X-server... Run xterm locally and connect with no X-forwarding with ssh to
each vserver. But that does not answer your question.

It is possible to run some applications untrusted. Read "man xauth" and
search for "untrusted". This seem to work. Test with "xwininfo".

  cp ~/.Xauthority ~/.XauthorityUntrusted
  export XAUTHORITY=~/.XauthorityUntrusted
  xauth generate $DISPLAY
  xterm

But this does not work for many applications. One solution for them is to
use Xnest or Xvnc.

Regards,
Jerker Nyberg.
Uppsala, Sweden.

On Sun, 2 Nov 2003, GT wrote:

> Hi,
>
> I wondered how it is possible to keep two vservers from keylogging each
> others root-passwords when entered in an xterm.
>
> Assuming two xterms are running under the same Xserver, each called
> from one of the two vservers.
>
> Even with recent Xservers it is very simple to log an password entered
> at the "su -" prompt.
>
> regards,
> gt
> _______________________________________________
> Vserver mailing list
> Vserver_at_list.linux-vserver.org
> http://list.linux-vserver.org/mailman/listinfo/vserver
>

_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 02 Nov 2003 - 13:42:22 GMT by hypermail 2.1.3