[PATCH] tcp-wrappers support extended to x11 forwards

Kevin Steves stevesk at pobox.com
Sat Dec 1 07:15:57 EST 2001


On Fri, 30 Nov 2001, Ed Phillips wrote:
:Okay... I see now.  It's a little scary that even with a valid "fake"
:cookie that has somehow been stolen and put on SystemC, that a hacker on
:SystemC could display X progrms on SystemA.  I would have guessed that
:unless you configured ssh/sshd to explicitly allow this kind of X
:forwarding, it wouldn't work - but I just tried it and it works fine.  I
:guess this is why there has been talk lately about the "fake" X server
:port being bound to localhost explicity or not (at least I think that's
:what they were talking about)...

yes, that's what we are talking about.

:On a side note, I recently reported a bug (and received no response)
:that is relevent to the above.  If a hacker were actually trying to use
:random cookies from SystemC to diplay on SystemA through SystemB... there
:is a bug in ssh/sshd were they hang around instead of exiting when you log
:out - and in this scenario, the bug allows the hacker to keep trying
:cookies forever or until you explicitly kill ssh/sshd.  The bug itself
:seems to cause ssh/sshd to hang instead of exiting.  I also submitted the
:exact details on how to reproduce the bug.  That was weeks ago...

i don't see that.  what is the bug number?




More information about the openssh-unix-dev mailing list