NX Security (was [FreeNX-kNX] Re: got: "cannot create directory `/home/.nx'")

freenx at mikebell.org freenx at mikebell.org
Wed Oct 20 00:20:36 UTC 2004


On Wed, Oct 20, 2004 at 01:51:41AM +0200, Kurt Pfeifle wrote:
> It was *you* yourself who misinformed you.

I expect I could find documents various places on the net which suggest
otherwise, but the point is hardly pertinent so I'll just leave it be.

> I have s suggestion: how about you actually start running an NX server
> somewhere? Start *seeing* instead of believing, start *experiencing*
> instead of speculatiing? 

Because as I just stated I (and apparently a few others, or it would be
a non-issue) do not feel comfortable running an NX server at all?
Because it seemed perfectly reasonable to ask if someone was willing to
document the procedure before building two throwaway systems, both
inaccessible from public networks, to briefly look at a piece of
software I've already determined I'm uninterested in running anyway?
Because while NX is interesting technology there is only so much
investiture of time that can be justified?

If you don't want to answer the question then no one is forcing you. But
one can hardly expect people to run software when there is
not-inconsiderable concern about its behaviour and no one will document
that behaviour. Not unless unless that person feels the software's
utility justifies a complete source code audit, and the unfortunate fact
is that this kind of time investment is hard to justify for software of
NX's limited appeal.

> This last time I ask you now: please look at this "shell" yourself, 
> which is what "nx" gets upon login. It likely is not a "shell" like 
> you may imagine or what you expect....
> 
> Maybe the output of this command gives you an idea:

Apparently the progression of the thread has grown confusing. If you
follow it back you'll see that I was NOT talking about the nx server
which is used as a shell for the NX user, but rather about a
hypothetical shell account attained after breaking the NX server, in
response to your earlier insinuation that nothing interesting can be
done with it unless one has a local root exploit.

If there is only a single ssh connection between the two hosts then
whatever mechanism freenx uses to switch between the two (I believe I read
that it was another ssh, from localhost, though this may have been in an
older version and I've already been chastised enough for talking on
issues that were recently corrected) could be trojaned by the NX user
after breaking freenx, allowing passwords to be read and compromising
everything running under that account.

In any event, I will gladly and without reservation acknowledge that
much of this is based on speculation. I had /hoped/ that someone would
step forward to explain the manner in which is does work. If it
addresses the concerns that have been raised I would be only too happy
to not only retract them but also to author some brief documentation on
why they are non-issues, for the elucidation of anyone who had such
questions in the future.




More information about the FreeNX-kNX mailing list