| |||||||||||||
Xorg flawXorg flawPosted Aug 19, 2010 14:33 UTC (Thu) by NAR (subscriber, #1313)In reply to: Xorg flaw by avik Parent article: An ancient kernel hole is closed Looks like any X client can crash the server, with or without a patched kernel. If I understood correctly the problem (which is far from certain) the client can ask the server to allocate memory in the server's address space. Consequently the X server can run out of memory and the OOM killer can kill it. This seems to a be a feature, not a bug (i.e. the whole X server was designed this way). By the way, the X server uses the most memory on my system currently (according to top) and as far as I know, most of the memory is allocated on behalf of clients. Anyway, nowadays most X clients run locally and if a malicious attacker already controls a client locally, even if it doesn't find any local root holes (which I'm sure there are plenty of), he can delete all of the user's files, send e-mails in the user's name, etc.
(Log in to post comments)
Xorg flaw Posted Aug 21, 2010 9:12 UTC (Sat) by niner (subscriber, #26151) [Link]
"send e-mails in the user's name, etc."
Just because this is one of my favourite misconceptions floating around: nothing at all prevents anyone from sending e-mails in any user's name. Same as you can write any name as sender on an envelope of bad old snail mail. The only thing proving the identity of the sender is in both cases a signature. The electronic version even more so than your easy to fake hand writing. And of course, such a signature should not lie around on your computer unprotected...
Xorg flaw Posted Aug 23, 2010 23:42 UTC (Mon) by mgedmin (subscriber, #34497) [Link]
The bad thing that malicious programs can do is send emails using the user's bandwidth (and their IP, to avoid spam blacklists).
|
|||||||||||||