this post was submitted on 24 Aug 2023
51 points (94.7% liked)
Privacy
31982 readers
348 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Right, but they're configured by an unprivileged program: the settings app. Presumably, a keylogger can pretend to be the settings app.
Couldn't the display server check if the app is actually the settings app by looking at it's executable's location? Not sure how reliable that is, but if it is, it could check if it is coming from somewhere in
/usr
that is also not writable by the current user.The display server has no way of verifying the process ID on the other end of the Unix-domain socket connection, and therefore cannot verify the executable image. It also cannot verify that the settings app hasn't had any malicious code injected with
ptrace
,LD_PRELOAD
, or the like, since the injected code can remove any traces of that before connecting to the display server.