[xgk]dm hackery.
Christopher Schmidt
crschmidt at crschmidt.net
Thu Jun 1 10:15:01 EDT 2006
On Thu, Jun 01, 2006 at 09:59:21AM -0400, Steven W. Orr wrote:
> I have a security question that relates to how to get around xlock. There
> are 2 scenarios.
>
> scenario #1: In this case, the system is not configured to run a graphic
> login. User Freddy logs in in text mode and then runs startx. While
> running his session, he locks the monitor using xlock. He walks away and
> Boris Badinoff comes along. BB types "Ctl-Alt-F1" and is taken to the text
> window that is running X. He then types Ctl-C and has commandeered the
> text login and can do anything that that account allows. Thank you xlock.
This is a problem with Freddy's choices, not with xlock. He should have
typed startx &, and once it was started, logged out of the text mode
term.
> scenario #2: In this case, the computer is configured to run at runlevel 5
> and Freddy logs in on a graphic login (i.e., xdm, kdm, etc...). BB comes
> along and hits Ctl-Alt-F1 and gets taken to the mgetty prompt for
> screen1. BB (or is it me) is stuck.
>
> Is it possible for BB to be able to do anything with the machine (short of
> sticking a cd in and rebooting) in scenario 2 to get control of that
> user's account?
Not that I'm aware of. No more so than he would at the GDM screen, in
any case.
--
Christopher Schmidt
Web Developer
More information about the gnhlug-discuss
mailing list