Posted: Jan 16 2012, 03:33 AM
Member No.: 18
Joined: 11-April 11
What's a realistic defense strategy?
One thing is to not enter the root password on any desktop application (including xterm).
Suppose I also want to protect the data in my home directory. If I open xterm in the same X session as, say, Firefox or a compromised PDF, then I am screwed? As the malware can send keystrokes to xterm?
What is the solution? Run multiple X servers at the same time (can be done)? Use xserver-less consoles (CTRL+ALT+F2) for entering passwords?
An example of keyloggers:
(I tried, the keylogger works)
Posted: Mar 3 2012, 06:38 PM
Member No.: 1325
Joined: 24-February 12
I just wrote a HowTo about sandbox that's a new feature in SL 6.x. That solves the problem in question by creating a separate X server for every sandbox'd process using Xephyr. Thought you might wanna take a look.
Posted: Mar 13 2012, 03:29 PM
Member No.: 4
Joined: 8-April 11
imho, if you block the X server port at the iptables level and if you forbid users to log in via ssh to your box (so that they can't tunnel tcp connections) or you control what they tunnel/forward, then it's pretty safe.
Another matter would be if you want ppl to connect to your X server and you want a secure X server while ppl are connected - I don't have experience with this, so can't say educatedly.
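
Added example (not part of any post in this thread): a shell check for the TCP exposure that the last reply proposes filtering with iptables. It assumes the column layout of `ss -ltn` and the conventional X11 port range of 6000 plus the display number, capped at 6063 for this example; the listener lines are constructed sample data.

```shell
#!/bin/sh
# Added example: flag TCP listeners in the X11 port range (6000 + display number).
# Input: lines in `ss -ltn` format on stdin. Output: "<scope> <addr:port>" per hit.
x11_tcp_listeners() {
    awk '$1 == "LISTEN" {
        n = split($4, parts, ":")              # port is the piece after the last colon
        port = parts[n] + 0
        if (port < 6000 || port > 6063) next   # range chosen for this example
        addr = substr($4, 1, length($4) - length(parts[n]) - 1)
        # Loopback-only listeners (e.g. sshd X11 forwarding) are not reachable remotely
        scope = (addr == "127.0.0.1" || addr == "[::1]") ? "loopback" : "exposed"
        print scope, $4
    }'
}

# Constructed sample input (not captured from a real host)
sample_listeners() {
    cat <<'EOF'
State   Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN  0      128    0.0.0.0:22          0.0.0.0:*
LISTEN  0      128    0.0.0.0:6000        0.0.0.0:*
LISTEN  0      128    [::]:6000           [::]:*
LISTEN  0      128    127.0.0.1:6010      0.0.0.0:*
LISTEN  0      128    127.0.0.1:631       0.0.0.0:*
EOF
}

sample_listeners | x11_tcp_listeners
# On a live host: ss -ltn | x11_tcp_listeners
```

This covers only the TCP transport: clients running in the same session reach the X server over its local Unix socket, which a port filter does not touch.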