Hello fellow hackers,
the question has been floating around for quite some time on the
internet, but I think it is a good place to answer it in the manual of
our screen locker. Is slock really secure and if not, how can I harden
it so that nobody can access my machine?
There are two ways one can possibly circumvent a locked X screen (not
including security holes in the Kernel)
1) switch to a different VT that is logged in. Then there, proceed to
kill slock and switch back the now unlocked VT.
2) kill the X server with Ctrl+Alt+Backspace (if enabled). If no login
manager is used, this yields an open shell. All work within the X
session is usually lost, but the attacker still has access to the
user data.
Sysrq can be used to kill all running processes, but this also logs out
the user and thus is no problem. I did not add it here because if
somebody wants to "pwn" the user he can just unplug the computer or
take out the battery to destroy all the work.
You can disable VT switching and Ctrl+Alt+Backspace (this also
overrides the local Xkb settings and is thus foolproof) for sure by
setting two options in xorg.conf. See the patch for details on the
instructions.
Cheers
FRIGN
--
FRIGN <dev_AT_frign.de>
Received on Wed Sep 28 2016 - 20:33:24 CEST