Fwd: The importance of mutual authentication: Local Privilege Escalation in X11

Roberto Ragusa mail at robertoragusa.it
Mon Nov 30 08:07:55 UTC 2020


On 11/29/20 8:42 PM, Keith Packard wrote:
> Roberto Ragusa <mail at robertoragusa.it> writes:
> 
>> Wouldn't this make it impossible to run processes under different users
>> by using xauth and export DISPLAY=:0 ?
> 
> As long as the other user has access to the specified path, processes
> will be able to connect to the server.

I was quoting "a subdirectory of the user’s home directory".
Home directories are usually 700.
And $XDG_RUNTIME_DIR has the same problem.

Regards.
-- 
    Roberto Ragusa    mail at robertoragusa.it
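
The path-access constraint discussed in this thread, as an added example that is not part of the original message: the script walks every directory between a server socket and a stopping point and reports the one that denies search permission to other users. The function names, the user "alice", uid 1000 and the directory layouts are constructed for illustration; plain files stand in for the sockets, and only the "other" permission bits are considered (no group membership, no ACLs).

```sh
#!/bin/sh
# Added example. Assumption: the second user is neither owner nor group
# member of any directory on the path and no ACLs apply, so only the
# "other" permission bits decide whether the socket path can be reached.

# other_can_traverse DIR: succeeds if DIR grants search (x) to "other".
other_can_traverse() {
    # Character 10 of the ls mode string is other-execute; x or t means set.
    case "$(ls -ld "$1" | cut -c10)" in
        x|t) return 0 ;;
        *)   return 1 ;;
    esac
}

# first_blocking_dir STOP SOCKET: walk from SOCKET's parent up to (not
# including) STOP and print the outermost directory that denies search to
# "other". Prints nothing when every directory on the way allows it.
first_blocking_dir() {
    stop=$1
    dir=$(dirname "$2")
    blocker=
    while [ "$dir" != "$stop" ] && [ "$dir" != "/" ]; do
        other_can_traverse "$dir" || blocker=$dir
        dir=$(dirname "$dir")
    done
    if [ -n "$blocker" ]; then printf '%s\n' "$blocker"; fi
    return 0
}

# make_sample_tree: constructed layouts (hypothetical user "alice", uid 1000).
make_sample_tree() {
    base=$(mktemp -d) || return 1
    mkdir -p "$base/home/alice/.x11" "$base/run/user/1000" "$base/shared"
    chmod 755 "$base/home" "$base/home/alice/.x11" "$base/run" "$base/run/user"
    chmod 700 "$base/home/alice" "$base/run/user/1000"  # home, XDG_RUNTIME_DIR stand-ins
    chmod 1777 "$base/shared"                           # world-writable, sticky
    for s in home/alice/.x11/X0 run/user/1000/X0 shared/X0; do
        : > "$base/$s"                                  # plain file as socket stand-in
    done
    printf '%s\n' "$base"
}

tree=$(make_sample_tree)
for s in home/alice/.x11/X0 run/user/1000/X0 shared/X0; do
    b=$(first_blocking_dir "$tree" "$tree/$s")
    echo "$s: ${b:-reachable by other users}"
done
rm -rf "$tree"
```

The subdirectory holding the socket can itself be mode 755 and the path is still unreachable, because the 700 directory above it stops the lookup.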


More information about the xorg-devel mailing list