Urgent - Potential security hole.
Paul
paul at all-the-johnsons.co.uk
Sat Oct 30 13:19:24 UTC 2004
Hi,
I think I've found a hole!
I logged into this box from work yesterday via ssh, compiled Mono and
some other bits then decided to try if I could run a C# app from this
machine and view it at work.
I don't have X forwarding enabled and can see this by trying to run
Firefox on this machine when logged into my sons box - firefox fails to
run.
The C# application ran and I could use it at work.
I'm using the 643 kernel with everything updated. I'm not sure if this
is a mono thing or X forwarding being broken. I'm using selinux
targetted.
This could be a serious problem and I want to be sure before putting it
into bugzilla as a blocker.
TTFN
Paul
--
"Trust me, I know what I'm doing" - Det. Sledgehammer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20041030/2ac60e20/attachment.sig>
More information about the fedora-test-list
mailing list