Re: How to use gksu to safely run a non-open-source application?

[Manuel Amador <rudd-o amautacorp com>]

That's not true.  I think the SECURITY extension provides facilities to
restrict the things applications can do to the X server.

Check more on that, google for more info.

El mar, 28-12-2004 a las 13:48 -0500, Jack Dodds escribió:
> Paul,
> 
> Thanks for pointing me at this - it's just at the level that I can grasp.
> 
> It seems that X has facilities to keep unwanted users from connecting - 
> but a user that is connected has complete access.  So my project of 
> allowing a hostile user to put a window on my desktop cannot be done safely.
> 
> This seems like an oversight on the part of the designers of X.
> 
> I can see one possible (but work-intensive) solution.  This would be to 
> have an X proxy program which would maintain a virtual 
> screen/mouse/keyboard that contained only the hostile user's window.  
> The hostile user would communicate with the proxy, and the proxy would 
> filter the information from the actual screen/mouse/keyboard e.g. so 
> that mouse and keyboard events would be passed on only when the hostile 
> user's window had the focus.  The proxy could even put a warning border 
> around the hostile user's window when displaying it on the actual screen.
> 
> A little beyond my abilities at the moment, unfortunately.
> 
> 
> Paul Smith wrote:
> 
> >One page I found in about 2 seconds by giving "X windows security" to
> >Google is:
> >
> >  http://bau2.uibk.ac.at/matic/ccxsec.htm
> >
> >A client can get a complete screendump (that's what the
> >snapshot program does for example), and it can also see every keypress
> >that goes through the server.
> >
> 
> _______________________________________________
> gnome-list mailing list
> gnome-list gnome org
> http://mail.gnome.org/mailman/listinfo/gnome-list
-- 
Manuel Amador <rudd-o amautacorp com>
Amauta