[MLUG] X clarification please

Jeremy me at jeremychapman.info
Sat Apr 30 20:01:22 EDT 2011


On 11-04-30 02:39 PM, Leslie S Satenstein wrote:
> I understood that X was not designed with security in mind. I have this
> question, given a small environment of 3-4 users, all of whom are
> locally attached.
>
> Is my use of root, given these users are all local on the system with
> Gnome, a risk if none of the users are hostile?
>
> If someone logs into the system with remote desktop, (not happening
> during the day), is he able to see all the keypresses, as outlined in
> the link I was referred to in the previous emails?
>
> If he/she has to be on the system, and go through the effort to capture
> my Gnome keystrokes, then what is the danger of a breach from remote
> logon (secure telnet via putty)? Just because a danger is possible from
> a local user only, what is the risk to using root under Gnome? Is the
> risk any less with Gnome3 or XFCE? The local users are doing authoring
> of material and may from time to time, access Google or other search engine.

I think it is easiest to say that elevating privileges is a better way 
to handle it. Give the program you want to run root privileges, not 
the user.

If you make a shortcut (application starter) and just put sudo (or 
gksudo) before the command it will pop up a password prompt and just 
that process is running with root privileges.

A good trick as well is to use the sudoers file and specify programs 
users should be allowed to run, and you can also specify that no 
password is needed for certain users on certain programs.

There just is no good reason to run as root, since all it takes is a 
sudo call to get there. Plus no need to log out and log in again as root 
to do things.

I'll let someone else answer whether keystrokes can be captured and so on ;)

Jeremy
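
The sudoers setup described in the reply above, as an added example that is not part of the original message. The file name, user names, alias names and the commands chosen are assumptions made up for illustration.

```sudoers
# /etc/sudoers.d/authoring   (hypothetical drop-in file name)
# All user names, alias names and commands below are constructed examples.

# The local accounts this policy applies to.
User_Alias  AUTHORS = alice, bob, carol

# Commands are given by absolute path and with fixed arguments, so only
# that exact command line matches; a look-alike binary earlier in PATH
# or the same program with other arguments does not.
Cmnd_Alias  REBOOT   = /sbin/shutdown -r now
Cmnd_Alias  PRINTING = /usr/sbin/service cups restart

# Password required: sudo asks for the user's own password, so the root
# password is never shared and nobody needs a root desktop session.
AUTHORS  ALL = (root) REBOOT

# No password for one user on one fixed command. Keep NOPASSWD entries
# to commands that cannot start a shell or an editor.
alice    ALL = (root) NOPASSWD: PRINTING

# Nothing else is granted. With no "ALL" command entry for these users,
# "sudo bash" or "sudo su" is refused and the attempt is logged.
```

Check the file with `visudo -c -f /etc/sudoers.d/authoring` before relying on it; each user can list what they are allowed to run with `sudo -l`.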

