is it possible to "break out" of Xephyr

Christoph Anton Mitterer calestyo at scientia.net
Mon Sep 17 15:38:06 PDT 2012


Hi.

First, yes I know this may be considered a little bit off topic, given
that it's not about xorg development itself; but neither is it a normal
support question, I guess.


The background is OpenSSH bug #1926
(https://bugzilla.mindrot.org/show_bug.cgi?id=1926), in which I proposed
to allow using Xephyr for X-forwarding.
But the principle is not limited to SSH.


Many people don't want to do X-forwarding (especially from untrusted
systems) because of all kind of attacks the evil remote system could
perform.

Now my idea was, if all that were "confined" in a Xephyr session
(perhaps one per host connection, or perhaps even per executed command -
just as the users likes)... one could get kind of a "secure
X-forwarding".

So questions are:
1) Can I restrict X-forwardings to a specific X-server (i.e. the Xephyr
instance that should be used for it; and that is for example
automatically started by ssh)? How's that done best? (i.e. in the most
strict/secure way)?

2) Is it possible to "break" out of a Xephyr?
Well of course I'm not talking about possibly hidden security holes, but
rather: Are there "intended" ways to break out?

3) How about resource sharing?
Are there things like shared memory between Xephyr and its host X?
Can Xephyr use hardware features like direct communication with the 3D
card?

4) What (else) can one do to restrict Xephyr as much as possible? Or
more generally, what else should one to with respect to my idea in the
above bug.


Thanks,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5165 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-devel/attachments/20120918/77c66e7a/attachment.bin>


More information about the xorg-devel mailing list