Re: [dev] [SLOCK] is not safe

From: Claudio M. Alessi <smoppy_AT_gmail.com>
Date: Sun, 17 Jan 2010 21:56:42 +0100

On Sun, Jan 17, 2010 at 04:17:16PM +0100, Julien Pecqueur wrote:
> Hi,
Hi

> I'm using slock and i am suprised to realize that is not safe at all!
Oh, you are scary me.

> I launched slock in my DWM session. I just have to press CTRL+ALT+F1
> and press CTRL+z (to send startx in background an get the hand on the
> shell) and type "killall slock" to unlock the session...
I wondering what all this have to do with security!? ^-mod-f1 is an X11
behaviour, nothing to do with slock (and it's also configurable); as regards as
kill (and brothers) there is nothing concerning security: you are the owner of
the process and you are, obviously, enabled to stop (or kill) it. What's wrong?
If you won't slock to be killed by users, run it as root, or just trust
yourself (ergo, your user).

Regards,
Claudio M. Alessi

-- 
JID: smoppy AT gmail.com
WWW: http://cma.teroristi.org
Received on Sun Jan 17 2010 - 20:56:42 UTC

This archive was generated by hypermail 2.2.0 : Sun Jan 17 2010 - 21:00:03 UTC