X server access
Summary
X server access from arbitrary hosts.
Impact
A remote intruder can control the keyboard, mouse and screen.
Background
The X Window System implements an environment where applications use the network to interact with a user workstation's display, keyboard and mouse. There are two classes of programs:
- The X server: the program that manages the user's workstation display and input devices.
- X clients: the applications that run on the user's workstation or elsewhere in the network.
The problem
When the X server permits access from arbitrary hosts on the network, a remote intruder can connect to the X server and:
- Read the user's keyboard, including any passwords that the user types,
- Read everything that is sent to the screen,
- Write arbitrary information to the screen,
- Start or terminate arbitrary applications,
- Take control of the user's session.
Fix
Remove all instances of the xhost + command from the system-wide Xsession file, from user .xsession files, and from any application programs or shell scripts that use the X Window System.
Other tips
- Use the X magic cookie mechanism or equivalent. With logins under control of xdm, you turn on authentication by editing the xdm-config file and setting the DisplayManager*authorize attribute to true.
- When granting access to the screen from another machine, use the xauth command in preference to the xhost command.
- See the Admin Guide to Cracking for an example of why this is a problem.
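The following audit script is an added example, not part of this advisory: it implements the checks behind the Fix and the first tip, scanning session start-up files and scripts for an unrestricted "xhost +" grant and verifying that xdm-config sets DisplayManager*authorize to true. The sample files it builds under a temporary directory are constructed for the demonstration; the function names and the file list are assumptions, so point audit_xhost at your own Xsession, .xsession and script paths.

```shell
#!/bin/sh
# Added audit helper (example code, not from the original advisory).
# Flags "xhost +" grants that open the display to every host and checks
# whether xdm requires MIT-MAGIC-COOKIE authorization.

# Succeed (exit 0) if the file contains an "xhost +" whose "+" stands alone.
# "xhost +host.example" is a per-host grant and "#"-commented lines are
# ignored, so neither is reported.
has_open_xhost() {
    sed 's/#.*$//' "$1" 2>/dev/null |
        grep -Eq '(^|[^[:alnum:]_])xhost[[:space:]]+[+]([[:space:]]|$)'
}

# Succeed if xdm-config sets DisplayManager*authorize to true. X resource
# files use "!" for comments, so a commented-out setting does not count.
xdm_authorize_enabled() {
    grep -Eiq '^[[:space:]]*DisplayManager[*]authorize[[:space:]]*:[[:space:]]*true[[:space:]]*$' "$1" 2>/dev/null
}

# Print every file given that opens the display to any host.
# Returns 0 when all files are clean, 1 when at least one needs fixing.
audit_xhost() {
    found=0
    for f in "$@"; do
        if has_open_xhost "$f"; then
            echo "open xhost grant in: $f"
            found=1
        fi
    done
    return $found
}

# Constructed sample tree mirroring the files the advisory names: a system
# Xsession, a user .xsession, a wrapper script and an xdm-config.
make_sample_dir() {
    d=$(mktemp -d)
    printf 'xrdb -load $HOME/.Xresources\nxhost +\n' > "$d/Xsession"
    printf '# xhost +   (commented out, must not be flagged)\nexec xterm\n' > "$d/.xsession"
    printf 'xhost +buildhost.example\nexec ./app\n' > "$d/run-app.sh"
    printf 'DisplayManager*authorize: true\n' > "$d/xdm-config"
    echo "$d"
}

dir=$(make_sample_dir)
if audit_xhost "$dir/Xsession" "$dir/.xsession" "$dir/run-app.sh"; then
    echo "no open xhost grants found"
fi
if xdm_authorize_enabled "$dir/xdm-config"; then echo "xdm authorization is on"; fi
rm -rf "$dir"
```

Only Xsession is reported in the sample run; the per-host grant in run-app.sh and the commented line in .xsession pass, which is the distinction the Fix relies on.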
CVE Reference(s):