Re: How to use gksu to safely run a non-open-source application?

[Jack Dodds <brmdamon aci on ca>]

Paul,

Thanks for pointing me at this - it's just at the level that I can grasp.

It seems that X has facilities to keep unwanted users from connecting - 
but a user that is connected has complete access.  So my project of 
allowing a hostile user to put a window on my desktop cannot be done safely.

This seems like an oversight on the part of the designers of X.

I can see one possible (but work-intensive) solution.  This would be to 
have an X proxy program which would maintain a virtual 
screen/mouse/keyboard that contained only the hostile user's window.  
The hostile user would communicate with the proxy, and the proxy would 
filter the information from the actual screen/mouse/keyboard e.g. so 
that mouse and keyboard events would be passed on only when the hostile 
user's window had the focus.  The proxy could even put a warning border 
around the hostile user's window when displaying it on the actual screen.

A little beyond my abilities at the moment, unfortunately.


Paul Smith wrote:

> One page I found in about 2 seconds by giving "X windows security" to
> Google is:
>
>  http://bau2.uibk.ac.at/matic/ccxsec.htm
>
> A client can get a complete screendump (that's what the
> snapshot program does for example), and it can also see every keypress
> that goes through the server.