Re: X-windows security in Gnome

On Thu, 16 May 2002, Jamie Zawinski wrote:

> I notice that on my Red Hat system with XFree86-4.1.0, the XTEST
> extension is listed as a server extension.  If that is, in fact, turned
> on, then that's a way to read keystrokes while bypassing all grabs, and
> is also a way to generate synthetic events that don't have the
> "send-event" bit set.

Well, you[1] can run xserver with the testing extensions switched off
(-tst) - the problem isn't Xfree related either, loading XTEST seems to be
the X default so it is by default also on on Solaris (and I suspect, but
haven't verified - all other unixy X distributions). 

> -- 
> Jamie Zawinski
> jwz jwz org   
> jwz dnalounge com

[1] assuming lots of things, like admin password and permissions


	you'll rescue me right?
	in the exact same way that they never did
	i'll be happy right?
	when your healing powers kick in

gnome-hackers mailing list
gnome-hackers gnome org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]