[xorg-bugzilla-noise] [Bug 379] New: xterm man page is misleading
about "Secure Keyboard"
bugzilla-daemon at pdx.freedesktop.org
bugzilla-daemon at pdx.freedesktop.org
Fri Mar 26 22:44:50 PST 2004
http://pdx.freedesktop.org/cgi-bin/bugzilla/show_bug.cgi?id=379
Summary: xterm man page is misleading about "Secure Keyboard"
Product: xorg
Version: unspecified
Platform: All
URL: http://www.acm.vt.edu/~jmaxwell/programs/xspy/xspy.html
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: cvs
AssignedTo: xorg-bugzilla-noise at freedesktop.org
ReportedBy: alan.coopersmith at sun.com
The xterm man page includes a section on SECURITY which discusss "Secure
Keyboard" mode, which would make the reader think that xterm can protect
against sniffing the keyboard via the X protocol. However, this is
misleading since grabKeyboard does not protect against all X-windows
keyboard sniffing techniques. Refer to the listed website for a technique
(and source code) which can sniff xterms keyboard via keyboard polling
(using XKeycodeToKeysym) even when xterm's "Secure Keyboard" mode is
turned on.
[Originally reported to Sun as Sun bug id #4794364.]
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the xorg-bugzilla-noise
mailing list