On Tue, Mar 29, 2005 at 10:40:14PM +0100, Phil Betts wrote:
This is possibly not a SuSE specific problem, but since the two systems involved are both running 9.2 Pro, and it's their integrity that's at stake, and since I've no idea what the underlying mechanism is, I thought I'd start here ;)
The situation:
PC1 - SuSE 9.2 Pro AMD32 PC2 - SuSE 9.2 Pro AMD64
Run Firefox as root@PC2 for browsing local files (the files are only readable by root). Still on PC2, run ssh -X to get a shell as normal-user@PC1. Start Evolution on PC1, opening on PC2's display. Click on an http link in an email. A Firefox window opens with the link displayed.
By chance, I noticed that the Adblock extension was missing and I happened to click on the About menu. I was surprised to see that it claimed to be the x86_64 version.
Further investigation revealed that Evolution had connected to the root-invoked Firefox on PC2, rather than starting a fresh instance by normal-user@PC1 displaying on PC2.
Had I not noticed this, it would have been easy for me to enable java/javascript and installed plugins etc., in the belief that the browser was running as normal-user@PC1.
Note that Evolution is an innocent party here, just starting Firefox directly from the ssh session produces the same effect. The reason for mentioning it is that a link in an email can be a seductive way to trap the unwitting user.
Also note that the situation does not appear to occur if the remote connection is not involved. I.e. when root@PC2 runs Firefox, then user@PC2 starts Firefox, this results in 2 instances of Firefox.
IMHO, Firefox should only connect with an already running instance if that instance was started by the same user on the same host. It is questionable whether normal-user@PC1 should even be aware of the existence of the root@PC2 instance.
Your remote side can do even more things, like snooping or inserting keyboard input into the main X session. If you are on the same X Server you have basically full user access. I do not see this is as a problem, but workin as intended. Ciao, Marcus