What do su - usrnm get? [closed]

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












I will running some closed source programs in the current logging Konsole window by su - usrnm command, I know that'll share the desktop screen with the programs running under usrnm, not safe enough, and what other information will share to usrnm? like clipboard, etc...




security opensuse privacy




share|improve this question














closed as unclear what you're asking by Wouter Verhelst, Jeff Schaller, Tomasz, cas, Romeo Ninov Jan 25 at 8:43


Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.










  • 2




    I guess you should provide more details of this software.
    – Tomasz
    Jan 24 at 20:01










  • I worry that may leak my privacy...it's a proxy software. Running other software with it's listening port.
    – Boll19
    Jan 26 at 11:34














up vote
0
down vote

favorite












I will running some closed source programs in the current logging Konsole window by su - usrnm command, I know that'll share the desktop screen with the programs running under usrnm, not safe enough, and what other information will share to usrnm? like clipboard, etc...




security opensuse privacy




share|improve this question














closed as unclear what you're asking by Wouter Verhelst, Jeff Schaller, Tomasz, cas, Romeo Ninov Jan 25 at 8:43


Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.










  • 2




    I guess you should provide more details of this software.
    – Tomasz
    Jan 24 at 20:01










  • I worry that may leak my privacy...it's a proxy software. Running other software with it's listening port.
    – Boll19
    Jan 26 at 11:34












up vote
0
down vote

favorite









up vote
0
down vote

favorite











I will running some closed source programs in the current logging Konsole window by su - usrnm command, I know that'll share the desktop screen with the programs running under usrnm, not safe enough, and what other information will share to usrnm? like clipboard, etc...




security opensuse privacy




share|improve this question














I will running some closed source programs in the current logging Konsole window by su - usrnm command, I know that'll share the desktop screen with the programs running under usrnm, not safe enough, and what other information will share to usrnm? like clipboard, etc...





security opensuse privacy





share|improve this question













share|improve this question




share|improve this question








edited Jan 24 at 20:00









Tomasz

8,04052560




8,04052560










asked Jan 24 at 12:56









Boll19

724




724




closed as unclear what you're asking by Wouter Verhelst, Jeff Schaller, Tomasz, cas, Romeo Ninov Jan 25 at 8:43


Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.






closed as unclear what you're asking by Wouter Verhelst, Jeff Schaller, Tomasz, cas, Romeo Ninov Jan 25 at 8:43


Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.









  • 2




    I guess you should provide more details of this software.
    – Tomasz
    Jan 24 at 20:01










  • I worry that may leak my privacy...it's a proxy software. Running other software with it's listening port.
    – Boll19
    Jan 26 at 11:34












  • 2




    I guess you should provide more details of this software.
    – Tomasz
    Jan 24 at 20:01










  • I worry that may leak my privacy...it's a proxy software. Running other software with it's listening port.
    – Boll19
    Jan 26 at 11:34







2




2




I guess you should provide more details of this software.
– Tomasz
Jan 24 at 20:01




I guess you should provide more details of this software.
– Tomasz
Jan 24 at 20:01












I worry that may leak my privacy...it's a proxy software. Running other software with it's listening port.
– Boll19
Jan 26 at 11:34




I worry that may leak my privacy...it's a proxy software. Running other software with it's listening port.
– Boll19
Jan 26 at 11:34










1 Answer
1






active

oldest

votes

















up vote
1
down vote













If your distribution arranges for X11 GUI access across su - <username> (i.e. you can successfully start new GUI programs as the su'd user), then the program has full access to your session on the X11 display server. That means:



  • it can capture your keystrokes and mouse movements, even outside the program's visible windows if it wants to (it can open an invisible borderless full-screen window that passes all key/mouse events through to windows under it, and then snoop everything)

  • it has access to the GUI session's clipboard

  • if a program uses X11 properties to e.g. detect and communicate with other instances of itself, the closed source program can see and participate in that communication

Anything else depends on what X11 protocol extensions you're using, what desktop environment you're using, and other details.



If the closed-source program does not need a GUI, you can revoke its X11 access pretty easily, by doing these things after su'ing but before starting the closed-source program:



$ unset DISPLAY
$ unset XAUTHORITY
$ rm ~usrnm/.Xauthority


What remains is just a terminal session, similar to what you'd get by doing a 



ssh -x -a usrnm@localhost





share|improve this answer




















  • ouch! It,s serious about my security, is there any easy tools to tell me which files is accessed by which program running under user:usrnm?
    – Boll19
    Jan 25 at 5:14

















1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
1
down vote













If your distribution arranges for X11 GUI access across su - <username> (i.e. you can successfully start new GUI programs as the su'd user), then the program has full access to your session on the X11 display server. That means:



  • it can capture your keystrokes and mouse movements, even outside the program's visible windows if it wants to (it can open an invisible borderless full-screen window that passes all key/mouse events through to windows under it, and then snoop everything)

  • it has access to the GUI session's clipboard

  • if a program uses X11 properties to e.g. detect and communicate with other instances of itself, the closed source program can see and participate in that communication

Anything else depends on what X11 protocol extensions you're using, what desktop environment you're using, and other details.



If the closed-source program does not need a GUI, you can revoke its X11 access pretty easily, by doing these things after su'ing but before starting the closed-source program:



$ unset DISPLAY
$ unset XAUTHORITY
$ rm ~usrnm/.Xauthority


What remains is just a terminal session, similar to what you'd get by doing a 



ssh -x -a usrnm@localhost





share|improve this answer




















  • ouch! It,s serious about my security, is there any easy tools to tell me which files is accessed by which program running under user:usrnm?
    – Boll19
    Jan 25 at 5:14














up vote
1
down vote













If your distribution arranges for X11 GUI access across su - <username> (i.e. you can successfully start new GUI programs as the su'd user), then the program has full access to your session on the X11 display server. That means:



  • it can capture your keystrokes and mouse movements, even outside the program's visible windows if it wants to (it can open an invisible borderless full-screen window that passes all key/mouse events through to windows under it, and then snoop everything)

  • it has access to the GUI session's clipboard

  • if a program uses X11 properties to e.g. detect and communicate with other instances of itself, the closed source program can see and participate in that communication

Anything else depends on what X11 protocol extensions you're using, what desktop environment you're using, and other details.



If the closed-source program does not need a GUI, you can revoke its X11 access pretty easily, by doing these things after su'ing but before starting the closed-source program:



$ unset DISPLAY
$ unset XAUTHORITY
$ rm ~usrnm/.Xauthority


What remains is just a terminal session, similar to what you'd get by doing a 



ssh -x -a usrnm@localhost





share|improve this answer




















  • ouch! It,s serious about my security, is there any easy tools to tell me which files is accessed by which program running under user:usrnm?
    – Boll19
    Jan 25 at 5:14












up vote
1
down vote










up vote
1
down vote









If your distribution arranges for X11 GUI access across su - <username> (i.e. you can successfully start new GUI programs as the su'd user), then the program has full access to your session on the X11 display server. That means:



  • it can capture your keystrokes and mouse movements, even outside the program's visible windows if it wants to (it can open an invisible borderless full-screen window that passes all key/mouse events through to windows under it, and then snoop everything)

  • it has access to the GUI session's clipboard

  • if a program uses X11 properties to e.g. detect and communicate with other instances of itself, the closed source program can see and participate in that communication

Anything else depends on what X11 protocol extensions you're using, what desktop environment you're using, and other details.



If the closed-source program does not need a GUI, you can revoke its X11 access pretty easily, by doing these things after su'ing but before starting the closed-source program:



$ unset DISPLAY
$ unset XAUTHORITY
$ rm ~usrnm/.Xauthority


What remains is just a terminal session, similar to what you'd get by doing a 



ssh -x -a usrnm@localhost





share|improve this answer












If your distribution arranges for X11 GUI access across su - <username> (i.e. you can successfully start new GUI programs as the su'd user), then the program has full access to your session on the X11 display server. That means:



  • it can capture your keystrokes and mouse movements, even outside the program's visible windows if it wants to (it can open an invisible borderless full-screen window that passes all key/mouse events through to windows under it, and then snoop everything)

  • it has access to the GUI session's clipboard

  • if a program uses X11 properties to e.g. detect and communicate with other instances of itself, the closed source program can see and participate in that communication

Anything else depends on what X11 protocol extensions you're using, what desktop environment you're using, and other details.



If the closed-source program does not need a GUI, you can revoke its X11 access pretty easily, by doing these things after su'ing but before starting the closed-source program:



$ unset DISPLAY
$ unset XAUTHORITY
$ rm ~usrnm/.Xauthority


What remains is just a terminal session, similar to what you'd get by doing a 



ssh -x -a usrnm@localhost






share|improve this answer












share|improve this answer



share|improve this answer










answered Jan 25 at 0:12









telcoM

10.8k11132




10.8k11132











  • ouch! It,s serious about my security, is there any easy tools to tell me which files is accessed by which program running under user:usrnm?
    – Boll19
    Jan 25 at 5:14
















  • ouch! It,s serious about my security, is there any easy tools to tell me which files is accessed by which program running under user:usrnm?
    – Boll19
    Jan 25 at 5:14















ouch! It,s serious about my security, is there any easy tools to tell me which files is accessed by which program running under user:usrnm?
– Boll19
Jan 25 at 5:14




ouch! It,s serious about my security, is there any easy tools to tell me which files is accessed by which program running under user:usrnm?
– Boll19
Jan 25 at 5:14


-

Popular posts from this blog

Peggy Mitchell

Image
EastEnders character This article is about the soap opera character. For the British tennis player, see Peggy Michell. For the author, see Margaret Mitchell. Peggy Mitchell Barbara Windsor as Peggy Mitchell (2008) EastEnders character Portrayed by Jo Warne (1991) Barbara Windsor (1994–2016) Duration 1991, 1994–2010, 2013–2016 First appearance Episode 650 30 April 1991  ( 1991-04-30 ) Last appearance Episode 5286 17 May 2016  ( 2016-05-17 ) (appearance) Episode 5287 19 May 2016 (voiceover) Introduced by Michael Ferguson (1991) Barbara Emile (1994) Louise Berridge (2004) Kate Harwood (2005) Lorraine Newman (2013) Dominic Treadwell-Collins (2014) Spin-off appearances The Mitchells - Naked Truths (1998) Classification Former; regular Profile Other names Peggy Butcher Occupation Barmaid Businesswoman Pub landlady Jo Warne as Peggy Mitchell (1991) Family Family Mitchell Father Jack Martin Mother Lily Martin Sisters Aunt ...
Read more

Palaiologos

Image
Palaiologos Παλαιολόγος Palaeologus, Palaeologue Imperial Family Double-headed eagle with the family cypher Country Byzantine Empire, Duchy of Montferrat (remaining lineage after Empire annexed by Ottomans) Founded 11th century  ( 11th century ) Founder Nikephoros Palaiologos (first known) Final ruler Constantine XI Palaiologos (Byzantine Empire) Margaret Paleologa (Montferrat) Titles Byzantine Emperor Marquess of Montferrat Style(s) "Augustus" "Basileus" "Autokrator" Traditions Greek Orthodoxy (predominantly) Roman Catholicism (remaining lineage in Montferrat) Dissolution 1533  ( 1533 ) Cadet branches Claimants: House of Kastrioti (defunct) House of Rurik (defunct) Palaiologan dynasty Chronology Michael VIII 1259–1282 with Andronikos II as co-emperor, 1261–1282 Andronikos II 1282–1328 with Michael IX (1294–1320) and Andronikos III (1321–1328) as co-emperors Andronikos III 1328–1341 John...
Read more

The Forum (Inglewood, California)

Image
The Forum "LA Forum" Prairie Ave. façade of The Forum in 2014 Full name The Forum, presented by Chase Former names The Forum (1967–1988) Great Western Forum (1988–2003) Address 3900 W. Manchester Blvd Location Inglewood, California Coordinates Coordinates: 33°57′29″N 118°20′31″W  /  33.95806°N 118.34194°W  / 33.95806; -118.34194 Public transit     Downtown Inglewood station Owner The Madison Square Garden Company Operator MSG Entertainment Seating type Reserved Capacity 17,500 Half-bowl: 8,000 Construction Broke ground July 1, 1966  ( 1966-07-01 ) Opened December 30, 1967  ( 1967-12-30 ) Renovated 1988, 2012–2014 Construction cost $16 million Renovation: 2014: $76.5 million Architect Charles Luckman Associates (original) Brisbin Brook Beynon (renovation) Structural engineer Johnson & Nielsen Associates (original) Severud Associates (renovation) Genera...
Read more