X Window JianJing Cao (ID #98284)
Content • Introduction • X Window System • Function • Window Principle • How X Window Works • Security
Introduction • X window, a window system for UNIX was developed at M.I.T when graphics terminals came into existence • The X Window system is device independent -- it can run on most common computer platforms. It includes workstations from companies such as Sun Microsystems Inc, and Silicon Graphics Inc.
Introduction • X window is a portable, network-transparent window system which runs on many different computers. It is frequently used in conjunction with the UNIX operating system • X window is a client-server model
Function • X Window provides a consistent means of graphical user interaction for UNIX workstations. • Motif (one of toolkit) uses X window provides an introduction to graphic user interface (GUI) programming base on Unix operating system.
Function • With X the programmer can write a single application in a single language and run this program on different machines with little or no modification. Moreover, applications can actually run programs on one computer and have the results displayed on another (or several) computer's terminal.
X Window Principle • All forms of displaying of information in X are bit-mapped • X, like most other windowing systems, divides the screen into various parts that control input and output. Each part is called a window • Not all applications need to consist of a single window.
X Window Principle • There is one special window, the background or root window. All other windows are children of the root .
How X window Works • It runs on a machine with a display, keyboard, and a mouse • All a client program needs to do to use the X display is to open up a connection with the server and then send Protocol requests to it.
How X window works • There are 4 types of messages passing between the client and server; • Requests - the client can ask the server to draw something, or ask for information. • Replies - the server can reply. • Events - the server can supervise the client with something • Errors - the server can report an error
Security • Problem • Solution
Damage Possible By Attacker • destroy any (or all) of your windows • open new windows on your screen • view the contents of your screen remotely • log all keystrokes, including passwords, typed while in X
Damage Possible By Attacker • generate spurious X events causing arbitrary instructions to be executed (this risk is particularly great if you use Emacs)
Solution • Host Authentication • Token Authentication
Host Authentication • Using xhost(display,add,move) Benfit: The xhost access control mechanism is certainly easy to use. A single program with a simple syntax is required Drawbacks: 1.Many environments, where numerous users are allowed access to a particular host . 2. NCD servers, SGI systems, and Mac X for the Macintosh come with access control disable by default.
Token Authentication • xauth Program: The xauth program is used for editing and displaying the user's magic cookie authorization information • The X Display Manager: xdm, is a client which provides login screens for multiple X Servers
Token Authentication • Benefits: Authorization is now done on a user-by-user basis, not a host-by-host basis. • Drawbacks: The xdm and xauth programs are time consuming for both the administrator and the end user to use and maintain. They require a good understanding of the X client-server model on the part of the user.
Reference • http://search.yahoo.com/bin/search?p=X+window • Structure Computer Organization 4th EditionAndrew S. Tanenbaum