This is the mail archive of the cygwin-xfree@cygwin.com mailing list for the Cygwin XFree86 project.



Re: errors when switching users (security hole?)


Alexander Gottwald wrote:

On Tue, 24 Feb 2004, Kris Thielemans wrote:


I was trying to use Windows XP's 'switch user' feature and get rather
amazing results. Here is what I did

- logged in as account 1 (has admin privs), started XFree there (using
startxwin.bat)
- switched to another user ('limited privs'), started Xfree there (using
startxwin.bat)

I get error messages relating to /tmp/.X11-unix (permission denied).
If you check startxwin.bat, this is indeed a problem. Every user/session
will use the same filename. My 2nd user does not have permission to mess
around with the /tmp/.X11-unix created by the first user, so it has
problems.

Maybe this can be fixed by using /tmp/$USER/.X11-unix or so. But maybe you
do not want it to be fixed (see below).


However, now comes the weird thing. I then switched back to account 1. And it has a new Xterm open, which seems to be owned by user 2 (that is 'id -un' reports user 2)! I did not really check if it has all relevant permissions and so on but it's pretty scary anyway!

This is perfectly normal. If you look into startxwin.bat you can find the following:


--------------------------
REM Startup the X Server with the integrated Windows-based window manager.

start XWin -multiwindow


REM Startup an xterm, using bash as the shell.


run xterm -sl 1000 -sb -rightbar -ms red -fg yellow -bg black -e /usr/bin/bash
--------------------------
(The last two lines are a single line that has been wrapped)


Trying to start another XServer on the same display (:0 implicitly) will fail (as already explained by Alexander).

Instead the opening of an xterm will work, because the xterm is opened in the already running XServer.

It's the same situation that often happens with Unix machines when you launch an X app from a remote machine toward your X server, but forget to specify the display (or to export the DISPLAY variable) and then your application is displayed in the remote X server (probably used by someone else).

Do you think user switching could be supported by XFree? (Don't worry if you
say no. It's not a life-saving requirement for me!)


This is normal behaviour. X11 communication works either via TCP/IP where the xserver uses port 6000+display number or via unix domain sockets where the xserver uses the file /tmp/.X11-unix/X${display number}.

If you want to start another xserver as a different user you have to supply a screen number different from those of all started servers.

e.g. if the first server was started with XWin -options then the second should
be started with XWin :1 -options

bye
	ago
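
Added example, not part of the original message: a small shell helper that maps a display name to the TCP port and socket file described above and picks the first display number with no socket file, so a second session's server and clients do not land on the first user's display. `X11_SOCKET_DIR`, the function names and the 64-display search limit are assumptions, and the check only looks at socket files in a directory the caller can list.

```shell
#!/bin/sh
# Added example, not from the thread. X11_SOCKET_DIR is a hypothetical
# override so the logic can be tried against a scratch directory.
X11_SOCKET_DIR="${X11_SOCKET_DIR:-/tmp/.X11-unix}"

# Extract the display number: ":0" -> 0, "127.0.0.1:1.0" -> 1.
display_number() {
    case "$1" in
        *:*) ;;
        *) echo "not a display name: $1" >&2; return 1 ;;
    esac
    n="${1##*:}"    # drop the host part, up to the last colon
    n="${n%%.*}"    # drop the ".screen" suffix
    case "$n" in
        ''|*[!0-9]*|0?*) echo "bad display number in: $1" >&2; return 1 ;;
    esac
    echo "$n"
}

# The two endpoints named in the thread for display number n.
display_tcp_port() {
    n=$(display_number "$1") || return 1
    echo $((6000 + n))
}
display_socket() {
    n=$(display_number "$1") || return 1
    echo "$X11_SOCKET_DIR/X$n"
}

# First display whose socket file is absent. A stale file left by a dead
# server is treated as taken, which errs on the side of not sharing.
first_free_display() {
    n=0
    while [ "$n" -lt 64 ]; do    # 64 is an arbitrary search limit
        if [ ! -e "$X11_SOCKET_DIR/X$n" ]; then
            echo ":$n"
            return 0
        fi
        n=$((n + 1))
    done
    return 1
}

# Usage in the second user's session (XWin arguments as in the thread):
#   DISPLAY=$(first_free_display) || exit 1
#   export DISPLAY
#   XWin "$DISPLAY" -multiwindow &
```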

