Re: [dev] [SLOCK] is not safe

From: Nico Golde <nico_AT_ngolde.de>
Date: Tue, 19 Jan 2010 13:44:19 +0100

Hi,
* Premysl Hruby <dfenze_AT_gmail.com> [2010-01-19 12:21]:
> On (19/01/10 12:05), Nico Golde wrote:
> > * Andres Perera <andres87p_AT_gmail.com> [2010-01-18 22:16]:
> > > On Mon, Jan 18, 2010 at 4:23 PM, anonymous <aim0shei_AT_lavabit.com> wrote:
> > > >> This thread is hilarious, I find it pretty funny that on a mailing list of the
> > > >> suckless project people are suggesting all kinds of weird things to solve this
> > > >> instead just using exec /usr/bin/dwm in ~/.xinitrc rather than /usr/bin/dwm.
> > > >
> > > > Just checked: I was always using exec in xinitrc. And I can still
> > > > killall slock.
> > >
> > > I'm also using exec dwm in xinitrc, as are most people that use startx or xinit.
> > >
> > > That doesn't solve anything.
> >
> > Huh? What is the issue then? The original mail stated the problem is putting
> > the shell into background by ctrl-z and then killing slock which clearly
> > doesn't work if you exec into startx.
>
> Problem here is not using exec startx or startx & exit, not using or not
> using exec in xinitrc/xsession!

So what else is it? Being able to switch to the console is no security issue.
Being able to interact with a shell where there shouldn't be one, is.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Received on Tue Jan 19 2010 - 12:44:19 UTC

This archive was generated by hypermail 2.2.0 : Tue Jan 19 2010 - 12:48:02 UTC