
An extensive set of X.org vulnerabilities

Posted Dec 10, 2014 8:09 UTC (Wed) by matthias (subscriber, #94967)
In reply to: An extensive set of X.org vulnerabilities by mgraesslin
Parent article: An extensive set of X.org vulnerabilities

Would you mind if I attached a key logger to your keyboard? The key logger does not know when you enter a password. Still, the passwords are captured, and any human who gets to see this series of keystrokes can identify them. Even automatic retrieval should give quite good results. Passwords usually look quite different compared to URLs.

Of course, the bigger problem is that any client can intercept all events. This is a security nightmare. However, the server can do anything the client can do. Why should attacker code executed in the server context have fewer privileges than an arbitrary client? All information available to X clients is also available to the server. That this information is usually not used by the server does not mean that introduced attacker code does not use it.



An extensive set of X.org vulnerabilities

Posted Dec 10, 2014 8:51 UTC (Wed) by drago01 (subscriber, #50715)

The xserver also has access to the *output* ... it could capture images of the screen in addition to the keystrokes.

An extensive set of X.org vulnerabilities

Posted Dec 10, 2014 8:56 UTC (Wed) by mgraesslin (guest, #78959)

Also, each client connected to the same X server can capture the output of any other window. That's what a compositor does.

