Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
X Security
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks
View previous topic :: View next topic  
Author Message
n0n
Guru
Guru


Joined: 13 Jun 2002
Posts: 355

PostPosted: Fri Aug 02, 2002 3:59 pm    Post subject: X Security Reply with quote

Ordinarily, when you run X, you run programs as the user who started X, which doesn't cause any problems. You start up a browser, a file manager, an mp3 player, and all is well. Problems can arise when you try to run X programs as a user other than the one who started X, though. For instance, you might need to become root to run Ethereal, a graphical packet sniffer, or perhaps your file manager needs to be run as root. Typically, what users will do in this case is run the command:
Code:
xhost +localhost
as the user who started X, and then make sure that root's $DISPLAY variable is set to something like "localhost:0.0" This solution works well, but there are some security issues to deal with which many users might not be aware of.

By default, X listens on a couple of TCP ports. This enables you to do funky things like run programs on other people's computers but display them on your monitor, and other such nifty things. This is also what enables the root user to run programs on X. The $DISPLAY variable will tell the X program to connect to "localhost" (your box) using TCP/IP, on the first X server. However, the ports that X uses to enable this communication are open to ANYONE on your network, not just your local root user. This isn't ideal, especially if you're on an untrusted network (like cablemodem, etc, although in that case you should really be behind a firewall anyway). Of course, by default, nobody's allowed to access these ports, which is what the "xhost" program does. When you run the command:
Code:
xhost +localhost
It says "localhost (ip 127.0.0.1) has authorization to run X apps on this server." When you do:
Code:
xhost +somemachine.domain.com
You're saying that "somemachine.domain.com" can access the ports and run programs. A machine NOT in the xhost list isn't allowed. Even if you use "xhost" to lock things down, though, the ports are still open, which makes them a security risk. Also, I'm guessing it wouldn't be terribly hard to fake packets to confuse the xhost security mechanism. So what's to be done about it?

X also uses another method of communication called UNIX sockets. UNIX sockets only exist inside your box, so there's no networking involved. This makes them inherently more secure than the TCP/IP ports that X opens up. (Granted, somone who's compromised your box would be able to use the sockets, but in that case you're already in hot water.) Only users on the local box will be able to use the sockets to run X programs, which is what we want to do in this case.

To stop X from listening on the TCP ports, you can start X with:
Code:
startx -- -nolisten tcp
I'm sure you could modify a config file somewhere, too, but this is how I've always done it. When you do this, the ports won't be open, but it'll still use UNIX sockets. To give users access to use these sockets, you still use xhost, but instead of specifying a machine name, you do:
Code:
xhost +local
Now any local process can connect to the UNIX sockets and run an X program. I have the xhost line sitting in my .xinitrc file, so it's run every time I start up the X server. To ensure that the ports are closed, you can use either "netstat" or "nmap."

Once this is done, just make sure that $DISPLAY is always set to ":0" (w/out the quotes) and you should be good to go. X is just a bit more secure!
Back to top
View user's profile Send private message
markwfrancis
n00b
n00b


Joined: 07 Jun 2002
Posts: 2

PostPosted: Thu Oct 31, 2002 12:40 am    Post subject: Reply with quote

xhost +localhost and xhost +local did not work for me. However
Code:
xhost +local:
and
Code:
xhost +inet:localhost
worked. I am on Xfree86 4.2.1.
Back to top
View user's profile Send private message
Dalrain
Tux's lil' helper
Tux's lil' helper


Joined: 02 Jul 2002
Posts: 136
Location: Wooster, OH USA

PostPosted: Sat Nov 02, 2002 8:36 pm    Post subject: KDE Reply with quote

While this is not neccesarily X, it would be prudent to mention that users can easily run other programs on their X sessions in KDE by using alt+f2, (by default) clicking options, then telling it to run the program as root. (Or whomever)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Documentation, Tips & Tricks All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum