Paul,
Thanks for pointing me at this - it's just at the level that I can grasp.
It seems that X has facilities to keep unwanted users from connecting - but a user that is connected has complete access. So my project of allowing a hostile user to put a window on my desktop cannot be done safely.
This seems like an oversight on the part of the designers of X.
I can see one possible (but work-intensive) solution. This would be to have an X proxy program which would maintain a virtual screen/mouse/keyboard that contained only the hostile user's window. The hostile user would communicate with the proxy, and the proxy would filter the information from the actual screen/mouse/keyboard e.g. so that mouse and keyboard events would be passed on only when the hostile user's window had the focus. The proxy could even put a warning border around the hostile user's window when displaying it on the actual screen.
A little beyond my abilities at the moment, unfortunately.
Paul Smith wrote:
One page I found in about 2 seconds by giving "X windows security" to Google is:
http://bau2.uibk.ac.at/matic/ccxsec.htm
A client can get a complete screendump (that's what the snapshot program does for example), and it can also see every keypress that goes through the server.
_______________________________________________ gnome-list mailing list gnome-list@xxxxxxxxx http://mail.gnome.org/mailman/listinfo/gnome-list
