[hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

From: FRIGN <dev_AT_frign.de>
Date: Wed, 28 Sep 2016 20:33:24 +0200

Hello fellow hackers,

the question has been floating around for quite some time on the
internet, but I think it is a good place to answer it in the manual of
our screen locker. Is slock really secure and if not, how can I harden
it so that nobody can access my machine?

There are two ways one can possibly circumvent a locked X screen (not
including security holes in the Kernel)

1) switch to a different VT that is logged in. Then there, proceed to
   kill slock and switch back the now unlocked VT.
2) kill the X server with Ctrl+Alt+Backspace (if enabled). If no login
   manager is used, this yields an open shell. All work within the X
   session is usually lost, but the attacker still has access to the
   user data.

Sysrq can be used to kill all running processes, but this also logs out
the user and thus is no problem. I did not add it here because if
somebody wants to "pwn" the user he can just unplug the computer or
take out the battery to destroy all the work.

You can disable VT switching and Ctrl+Alt+Backspace (this also
overrides the local Xkb settings and is thus foolproof) for sure by
setting two options in xorg.conf. See the patch for details on the



FRIGN <dev_AT_frign.de>
Received on Wed Sep 28 2016 - 20:33:24 CEST

This archive was generated by hypermail 2.3.0 : Wed Sep 28 2016 - 20:36:16 CEST