This is the mail archive of the cygwin-xfree@cygwin.com mailing list for the Cygwin XFree86 project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: XFree86-xserv-4.3.0-47 copy/paste trouble and BadAtom.

From: Alexander Gottwald <Alexander dot Gottwald at s1999 dot tu-chemnitz dot de>
To: cygwin-xfree at cygwin dot com
Date: Sat, 28 Feb 2004 04:41:36 +0100 (MET)
Subject: Re: XFree86-xserv-4.3.0-47 copy/paste trouble and BadAtom.
References: <77E700AE7021314DB6CDF6D6E8F6613277CEF1@ACDFWMAIL1.acd.de.ittind.com><Pine.LNX.4.55.0402272106580.2522@lupus.ago.vpn> <403FAAF7.1070207@msu.edu>
Reply-to: cygwin-xfree at cygwin dot com

Harold L Hunt II wrote:

> I was wondering if this change in behavior meant that our multi-window
> window manager would be unable to connect to the server when an ssh
> session had been opened on the local machine already.  I did some
> testing but was not able to cause this to happen.  In any case, my great
> ideas for what was causing this problem are useless :)

More explanation i got from http://www.xfree86.org/~herrb/security.pdf

Any "normal" xclient connects in trusted mode. But openssh now connects
in untrusted mode. This is for "security" reasons. I'll describe later
why I think it's useless.

In untrusted mode some calls (esp. GetProperty and SetProperty) will fail.
This can be configured in /usr/X11R6/lib/X11/xserver/SecurityPolicy.

<quote source="SecurityPolicy">
# Allow reading of application resources, but not writing.
property RESOURCE_MANAGER   root    ar iw
property SCREEN_RESOURCES   root    ar iw

# Ignore attempts to use cut buffers.  Giving errors causes apps to crash,
# and allowing access may give away too much information.
property CUT_BUFFER0    root    irw
property CUT_BUFFER1    root    irw
</quote>

The CUT_BUFFER entries may explain why the problems with copy&paste started.

One way to solve the new problems is to modify the SecurityPolicy and
distribute it with the xserver. But this is complicated because
a) we have to figure out all properties which are safe to export
b) we may get responsible and sued for any security problem we create with
   these changes.

The other way is to enable X11ForwardTrusted by default. But again it is
(in my opinion) "dangerous" to explicitly disable a security method.

But anyway. I think the change to untrusted clients is very shortminded.

Most users will get annoyed with not working software and skip the whole
X11Forwarding issue and use "xhost +" again. This is a severe loss of
security.

If a lot of software requires access to properties which are blocked in
untrusted mode then most people will enable the switch. Only a few will
ever want the clients to connect in untrusted mode.

bye
    ago

NP: grauzone.04-02-15
-- 
 Alexander.Gottwald@informatik.tu-chemnitz.de
 http://www.gotti.org           ICQ: 126018723

References:
- Re: XFree86-xserv-4.3.0-47 copy/paste trouble and BadAtom.
  - From: Virgilio, Vincent
- Re: XFree86-xserv-4.3.0-47 copy/paste trouble and BadAtom.
  - From: Alexander Gottwald
- Re: XFree86-xserv-4.3.0-47 copy/paste trouble and BadAtom.
  - From: Harold L Hunt II

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]