[Bug 296604] [NEW] Sugar-Emulator has no access control
mungewell
simon at mungewell.org
Tue Nov 11 04:06:52 GMT 2008
Public bug reported:
Binary package hint: sugar
Sugar-Emulator uses the '-ac' flag in the Xephyr command line, with
turns off access control.
This means that anyone on the network can attach to the
display/keyboard/mouse and interfer with the operation of Sugar (such as
running xeyes, which goes full screen and can not be cancelled!).
With Xephyr on display :1
--
simon at destiny:~$ netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:6001 0.0.0.0:* LISTEN
tcp6 0 0 :::6001 :::* LISTEN
--
Simon.
** Affects: sugar (Ubuntu)
Importance: Undecided
Status: New
--
Sugar-Emulator has no access control
https://bugs.launchpad.net/bugs/296604
You received this bug notification because you are a member of Sugar
Team, which is subscribed to sugar in ubuntu.
Status in “sugar” source package in Ubuntu: New
Bug description:
Binary package hint: sugar
Sugar-Emulator uses the '-ac' flag in the Xephyr command line, with turns off access control.
This means that anyone on the network can attach to the display/keyboard/mouse and interfer with the operation of Sugar (such as running xeyes, which goes full screen and can not be cancelled!).
With Xephyr on display :1
--
simon at destiny:~$ netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:6001 0.0.0.0:* LISTEN
tcp6 0 0 :::6001 :::* LISTEN
--
Simon.
More information about the Ubuntu-sugarteam
mailing list