4sight .cutbuffer

Rob Warnock rpw3 at rigden.wpd.sgi.com
Thu Mar 14 17:44:32 AEST 1991


In article <9103131541.AA21424 at slic.cellbio.duke.edu>
jit at SLIC.CELLBIO.DUKE.EDU (Jit Keong Tan) writes:
+---------------
| Could the future release of window manager (whatever it is going to be)
| fix the side effect that the current copy buffer is stored in a file that is
| accessible by all other people:
| 
| -rw-rw-rw-   1 root		(the buffer file)
+---------------

Well, the answer is "yes" and also "no". You see, in the X environment there
is no cutbuffer "file" -- the cutbuffer(s) and primary selection buffer are
in memory inside the X server, so no one can read them as a file. Also, since
the X server gets reset when you log out, the cut/selection buffer(s) don't
survive across logins.

That was the good news...

However, *any* user at *any* host that you permit access to your X server
with the "xhost" command can read and write *anything* in your X server,
including your selection/cut buffer(s). And that includes any user running
on *your* workstation, not just "root". For example, a friend of mine has
no password on the "guest" login on his workstation. So...

	% rcp xselection guest@his_machine:/usr/tmp
	% rsh his_machine -l guest /usr/tmp/xselection -display :0 PRIMARY
    /   Erase is control-H
   /    Kill is control-U
+-{     42 cd /usr/lib/X11/xdm
|  \    /usr/lib/X11/xdm
|   \   43 ls -l
|    \  total 13
|
+- This is what happens to be in his primary selection buffer.

("xselection" is a publicly-available program, but note that any skilled X
programmer could write something like it.)

That was the bad news...

The really long answer I'll forego here (since I don't even know all the
details myself!), but suffice it to say that there are other forms of
authentication that can be used besides the simple "xhost", but that's
the default.

At least the buffers disappear at logout, which is an improvement...


-Rob

-----
Rob Warnock, MS-1L/515		rpw3 at sgi.com		rpw3 at pei.com
Silicon Graphics, Inc.		(415)335-1673		Protocol Engines, Inc.
2011 N. Shoreline Blvd.
Mountain View, CA  94039-7311
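
The host-wide "xhost" grants described in the message above can be spotted from the server owner's side by classifying what `xhost` prints. This is an added example, not part of the original post; it assumes the output format of current X.Org `xhost` (a header line followed by entries such as `INET:`, `LOCAL:` or `SI:localuser:`), and the sample input is constructed.

```shell
#!/bin/sh
# Added example: classify `xhost` output by how widely the X server is open.
# audit_xhost exit status: 0 = no host-wide grants,
#                          1 = host-wide grants present,
#                          2 = access control disabled entirely.

audit_xhost() {
    # Reads `xhost` output on stdin and prints one finding per risky line.
    worst=0
    while IFS= read -r line; do
        case "$line" in
            "access control disabled"*)
                echo "CRITICAL: access control is off; any client that can reach the server may connect"
                worst=2 ;;
            "access control enabled"*|"")
                ;;  # header or blank line: nothing to report
            SI:localuser:*|SI:localgroup:*)
                ;;  # server-interpreted grant scoped to one local user or group
            LOCAL:*)
                echo "HOST-WIDE: $line (every local user, not just the session owner)"
                if [ "$worst" -lt 1 ]; then worst=1; fi ;;
            *)
                # Any other entry (INET:, INET6:, SI:hostname:, bare host name)
                # admits every account on that host, guest logins included.
                echo "HOST-WIDE: $line (every user on that host)"
                if [ "$worst" -lt 1 ]; then worst=1; fi ;;
        esac
    done
    return "$worst"
}

# Constructed sample of `xhost` output; "his_machine" and "rob" are placeholders.
sample_xhost() {
    printf '%s\n' \
        "access control enabled, only authorized clients can connect" \
        "INET:his_machine" \
        "LOCAL:" \
        "SI:localuser:rob"
}

# Stand-alone run on the sample; on a live session use: xhost | audit_xhost
sample_xhost | audit_xhost || echo "audit_xhost exit status: $?"
```

A result of 0 means only per-user grants are in the list, so other clients must authenticate by one of the other mechanisms the post alludes to (for example an xauth cookie).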


