Re: [Tails-dev] [Tails - Bug #6389] Vidalia fails to show up…

Author: Alan
Date:
To: tails-dev
Subject: Re: [Tails-dev] [Tails - Bug #6389] Vidalia fails to show up on some hardware
Hi,

On Fri, 08 Nov 2013 23:58:18 +0100 intrigeri <intrigeri@???> wrote:
> Alan wrote (08 Nov 2013 22:33:02 GMT) :
> > Do we want to add a script like that to Tails to be able to wait
> > for vidalia's pid to connect to X? Or to rewrite `restart-vidalia`
> > in python? Or to keep the ugly `sleep`?
>
> Thanks for looking into this, I hope it was fun :)
>

I learned quite a lot about X utilities and the Xlib indeed!

> I'd like to see someone take 5 minutes to think through the actual
> disadvantages of a (admittedly ugly) `sleep 5' (or even `sleep 60', to
> accommodate slower nested virtualization as used in the test suite).
>

I fail to see how we would be sure that we sleep long enough. So
perhaps we could find a fix with sleep that works for all the tests we
do, but unless we actually wait for the client to connect to X, we
can't be sure that hardware that is slow enough to break this won't
show up.

> Without this data in hand, I find it hard to be convinced that it's
> worth it to throw a full-blown Python interpreter at this problem,
> merely to close some X authentication window at the optimal time.
>
> (I mean, of course something like this Python script is the "correct"
> solution, but sometimes we just don't care that much about
> correctness, sometimes a waaay simpler and lighter solution is
> good enough.)
>

I was thinking about a patch to x11-utils to add the PID to
xlsclients output (which would be quite easy), but thought it was a bit
too much time investment to perhaps have the option in jessie...

> So, I guess my real question is: why would an attacker, who supposedly
> is able to take advantage of the window offered by `sleep 5' (or even
> `sleep 60'), *not* be able to take advantage of the time between the
> time door is open and the time it is closed?
>

I would say: the shorter the time is, the shorter an attacker would be
able to use the X authentication. But as I understand things, an
attacker that would be able to take control of the Vidalia process would
be authenticated to X anyway, and I don't see why an attacker would
execute code as the vidalia user if she didn't take control of the
vidalia process. Am I wrong?

If I'm right, we don't care that much about closing X auth before
vidalia exits, right?

Cheers
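
The trade-off debated in this message, as an added example (not Tails code and not written by anyone in this thread): poll until the client has connected to X instead of sleeping a fixed time, with a deadline, and revoke access on every exit path. The function names, the `xhost` hooks and the `xdotool` probe are assumptions.

```shell
#!/bin/sh
# Added example; function names and hooks are hypothetical, not Tails code.

# wait_until TIMEOUT INTERVAL CMD [ARGS...]
# Re-run CMD until it succeeds (return 0) or TIMEOUT seconds have been
# slept through (return 1). Unlike a fixed sleep, fast hardware pays no
# extra delay and slow hardware gets the whole budget.
wait_until() {
    wu_timeout=$1 wu_interval=$2
    shift 2
    wu_elapsed=0
    until "$@"; do
        [ "$wu_elapsed" -lt "$wu_timeout" ] || return 1
        sleep "$wu_interval"
        wu_elapsed=$((wu_elapsed + wu_interval))
    done
    return 0
}

# Probe (assumes xdotool is installed): succeeds once process $1 owns at
# least one X window, so it has necessarily connected to the server.
client_has_window() {
    xdotool search --pid "$1" >/dev/null 2>&1
}

# Hypothetical hooks: the thread does not say how access is granted.
# xhost server-interpreted user entries are one way to do it.
open_x_access()  { xhost "+SI:localuser:$1" >/dev/null; }
close_x_access() { xhost "-SI:localuser:$1" >/dev/null; }

# grant_until_connected USER TIMEOUT LAUNCH_FN PROBE_FN
# LAUNCH_FN must start the client and store its PID in $client_pid.
# Returns 0 when the client connected, 1 on timeout, 2 on failed launch.
grant_until_connected() {
    gu_user=$1 gu_timeout=$2 gu_launch=$3 gu_probe=$4
    gu_status=0
    open_x_access "$gu_user"
    "$gu_launch" || gu_status=2
    if [ "$gu_status" -eq 0 ]; then
        wait_until "$gu_timeout" 1 "$gu_probe" "$client_pid" || gu_status=1
    fi
    close_x_access "$gu_user"   # runs on every path, so access never stays open
    return "$gu_status"
}
```

The timeout here only bounds the worst case; on normal hardware access is revoked as soon as the probe succeeds.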