[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Improving gksu: lib, server, basic client
From: |
Gustavo Noronha Silva |
Subject: |
Re: Improving gksu: lib, server, basic client |
Date: |
Wed, 22 Oct 2003 14:29:42 -0200 |
Em Wed, 22 Oct 2003 11:10:28 -0300 (ART), Tevaum <address@hidden> escreveu:
> Hi...
Hello Tevaum, nice to see you here! =)
For the other subscribers, Tevaum is a local friend of mine. He studies
at the same university as me.
> I'm worried about the secutiry... is it possible to
> steal data from the daemon? is there any kind of auth?
Yes, the XAUTH_token you ask about below is just 'getable' by
the user who started the X server. We could do some ident
check, also, to know that the user requesting the password
is the same that have set it (looking at the efective uid,
for example).
The XAUTH stuff is quite safe, though, I believe. I am more
worried about the security when the password is going from
the server to the client and vice-versa. We should implement
ssl or some stuff to crypt it.
--
address@hidden: Gustavo Noronha <http://people.debian.org/~kov>
Debian: <http://www.debian.org> * <http://www.debian-br.org>
http://debian-br.alioth.debian.org/?id=WebWML
- Re: Improving gksu: lib, server, basic client, (continued)
- Re: Improving gksu: lib, server, basic client, Agney Lopes Roth Ferraz, 2003/10/22
- Re: Improving gksu: lib, server, basic client, Allan Douglas, 2003/10/24
- Re: Improving gksu: lib, server, basic client, Gustavo Noronha Silva, 2003/10/27
- Re: Improving gksu: lib, server, basic client, Allan Douglas, 2003/10/27
- Re: Improving gksu: lib, server, basic client, Gustavo Noronha Silva, 2003/10/28
- Re: Improving gksu: lib, server, basic client, Allan Douglas, 2003/10/28
- Re: Improving gksu: lib, server, basic client, Paul Smith, 2003/10/29
- Re: Improving gksu: lib, server, basic client, Gustavo Noronha Silva, 2003/10/29
Re: Improving gksu: lib, server, basic client, Tevaum, 2003/10/22
- Re: Improving gksu: lib, server, basic client,
Gustavo Noronha Silva <=
Re: Improving gksu: lib, server, basic client, Gustavo Noronha Silva, 2003/10/27