繞過 Screensaver Lock 的有趣話題...

Hacker News Daily 上看到「Screensaver lock by-pass via the virtual keyboard」這篇,裡面這邊題到了 screensaver lock 的有趣話題。

先講嚴肅一點的,這個 bug 被編號為 CVE-2020-25712,問題出在 xorg-x11-server 上:

A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

比較有趣的事情是,這個 bug 是小朋友在亂玩時拉出 virtual keyboard 觸發的:

A few weeks ago, my kids wanted to hack my linux desktop, so they typed and clicked everywhere, while I was standing behind them looking at them play... when the screensaver core dumped and they actually hacked their way in! wow, those little hackers...

然後他說他自己搞不出來:

I tried to recreate the crash on my own with no success, maybe because it required more than 4 little hands typing and using the mouse on the virtual keyboard.

另外一個人也說他家小朋友也弄出 segfault 了:

My kids came upon a similar cinnamon-screensaver segfault! I've emailed details of how to reproduce the problem to root@linuxmint.com.

小朋友超強 XDDD

CVE-2018-14665:setuid 複寫檔案的 security issue...

Twitter 上看到的 security issue,好久沒在這麼普及的軟體上看到這種 bug 了:

CVE - CVE-2018-14665 的說明裡面有提到 1.20.3 前的版本都有中,但沒講到從哪個版本開始,看起來是全系列...?

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.

這一臉 orz...

Linux 下多點觸控的設定

看到「Multitouch gestures with libinput dirver on X11, Linux」這個專案,可以在 Linux/X11 下偵測到多點觸控,然後設定對應的按鍵,從他的設定檔就可以看到這套軟體的功能了:

swipe:
  3: 
    left: 
      shortcut: 'alt+Right'
    right: 
      shortcut: 'alt+Left'
    up: 
      shortcut: 'ctrl+t'
    down: 
      shortcut: 'ctrl+w'
  4:
    left: 
      shortcut: 'super+Right'
    right: 
      shortcut: 'super+Left'
    up: 
      shortcut: 'super+a'
    down: 
      shortcut: 'super+s'
pinch:
  in:
    shortcut: 'ctrl+plus'
  out:
     shortcut: 'ctrl+minus'

不知道實際跑起來如何 @_@