Re: OpenSSH uploaded replacing ssh, please test

To: Jules Bean <[email protected]>
Cc: Tommi Virtanen <[email protected]>, Philip Hands <[email protected]>, [email protected], recipient list not shown: ;
Subject: Re: OpenSSH uploaded replacing ssh, please test
From: Joey Hess <[email protected]>
Date: Thu, 4 Nov 1999 12:37:29 -0800
Message-id: <[email protected]>
Mail-followup-to: Jules Bean <[email protected]>, Tommi Virtanen <[email protected]>, Philip Hands <[email protected]>, [email protected], recipient list not shown: ;
In-reply-to: <[email protected]>; from [email protected] on Thu, Nov 04, 1999 at 07:50:32PM +0000
References: <[email protected]> <[email protected]>

Jules Bean wrote:
> Correct me if I'm wrong, but the only way someone could install such a
> sneaky app is if they have root access on that machine, or access to your
> account on that machine.  And if they have either of those things, you
> have no security anyway, because they can run circles around any security
> measure you impose.

All someone needs to run an invisible keyboard grabber is for you to mess up
your Xauthority for a minute. Ie, run "xhost +", or leak your Xauthority
cookie, etc.

-- 
see shy jo

Reply to:

Follow-Ups:
- Re: OpenSSH uploaded replacing ssh, please test
  - From: [email protected] (Ruud de Rooij)

References:
- Re: OpenSSH uploaded replacing ssh, please test
  - From: Tommi Virtanen <[email protected]>
- Re: OpenSSH uploaded replacing ssh, please test
  - From: Jules Bean <[email protected]>

Prev by Date: Re: all xterms
Next by Date: Re: OpenSSH uploaded replacing ssh, please test
Previous by thread: Re: OpenSSH uploaded replacing ssh, please test
Next by thread: Re: OpenSSH uploaded replacing ssh, please test
Index(es):
- Date
- Thread

	
		OSZAR »