D&C GLug - Home Page

[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Secure Shell?

 

On Tue, 12 Jul 2011 14:12:49 +0100
Kevin Lucas wrote:

> Just been reading the LinuxUser mag and tried this from Joanna
> Rutkowska It shows how insecure a root shell can be
> 
> in a terminal 
> do 
> 
> ( you need the package "xorg-x11-apps" to do this)
> 
> [kevin@kevinspc ~]$ xinput list
> â Virtual core pointer                        id=2    [master
> pointer  (3)] â   â Virtual core XTEST pointer
> id=4  [slave  pointer (2)]
> â   â Microsoft Microsoft Wireless Optical Mouse 1.0A
> id=9  [slave pointer  (2)]
> â Virtual core keyboard                       id=3    [master
> keyboard (2)] â Virtual core XTEST keyboard
> id=5  [slave  keyboard (3)]
>     â Power Button                                    id=6
> [slave  keyboard (3)]
>     â Power Button                                    id=7
> [slave  keyboard (3)]
>     â ov519                                           id=8
> [slave  keyboard (3)]
>     â AT Translated Set 2 keyboard                    id=10
> [slave  keyboard (3)]
>     â i2c IR (HVR 1110)                               id=11
> [slave  keyboard (3)]
> 
> 
> 
> note the AT id = 8
>  type in 
> 
> xinput --test 8
> 
> then in a root terminal type some commands
> 
> and see the keyboard codes as root types 
> remember you are just a normal user ?
> 
> perhaps in a bash script you could redirect the output of xinput to
> Dev/null or just Never install the Xorg-X11-apps

Not a good situation to be in, but not one I imagine that will cause
that many problems in current systems.  Either that or I'm being
short-sighted about this.

It would seem that "xinput --test xx" will only show the input for the
current X session.  My keyboard shows up as id 11.  I just tried running
"xinput --test 11" in one window, opened another Gnome Terminal window
and sure enough, the xinput test picked up the keypresses from the new
terminal window, including after I had sudo su'd.  Not good... but... I
then tried running "xinput --test 11", swapped to another virtual
terminal (CTRL+ALT+F1), logged in, ran a few commands and swapped back
to the X session... none of the keypresses from the "other" session
were picked up.  Not surprising as the "other" session didn't involve
X.  So, in the "other" virtual terminal I opened up an X session with
"startx -- :1"... opened a terminal in my second X session, typed a few
commands, etc, swapped back to my main X session to check whether
anything had been picked up by the running instance of "xinput --test
11"... nothing.

So it would seem that yes, it will pick up all keypresses from the
current X session, but it won't pick up keypresses from the hardware
directly (or it would have picked up something from the command-line 
virual terminal session), and it won't pick up keypresses from other X
sessions on the same machine (which might have been a problem in
situations where you have 1 box running 2+ X sessions... think
"Internet Cafe").

I can see some potential situations where this would be a potential
problem, but then to my mind those situations would only arise if the
system has been poorly setup anyway.

Grant.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq