-- 
Raiz

On 2016-09-28 21:33, FRIGN wrote:
> Hello fellow hackers,
>
> the question has been floating around for quite some time on the
> internet, but I think it is a good place to answer it in the manual of
> our screen locker. Is slock really secure and if not, how can I harden
> it so that nobody can access my machine?
>
> There are two ways one can possibly circumvent a locked X screen (not
> including security holes in the Kernel)
>
> 1) switch to a different VT that is logged in. Then there, proceed to
>    kill slock and switch back to the now unlocked VT.
> 2) kill the X server with Ctrl+Alt+Backspace (if enabled). If no login
>    manager is used, this yields an open shell. All work within the X
>    session is usually lost, but the attacker still has access to the
>    user data.
>
> Sysrq can be used to kill all running processes, but this also logs out
> the user and thus is no problem. I did not add it here because if
> somebody wants to "pwn" the user he can just unplug the computer or
> take out the battery to destroy all the work.
>
> You can disable VT switching and Ctrl+Alt+Backspace (this also
> overrides the local Xkb settings and is thus foolproof) for sure by
> setting two options in xorg.conf. See the patch for details on the
> instructions.
>
> Cheers
>
> FRIGN

Received on Wed Sep 28 2016 - 21:03:57 CEST
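
An added example, not part of the original message or of the slock patch it refers to: a small audit that checks whether an X server configuration disables VT switching and Ctrl+Alt+Backspace. The message does not name the two options; this sketch assumes they are the xorg.conf(5) `ServerFlags` booleans `DontVTSwitch` and `DontZap`, and the sample configurations are constructed.

```python
import re
import sys

# Assumption: the "two options" are these xorg.conf(5) ServerFlags booleans.
REQUIRED = {"dontvtswitch": "DontVTSwitch", "dontzap": "DontZap"}
TRUE, FALSE = {"1", "on", "true", "yes"}, {"0", "off", "false", "no"}

def _norm(name):
    # xorg.conf option names ignore case, spaces and underscores.
    return re.sub(r"[\s_]", "", name).lower()

def serverflags(conf_text):
    """Map each boolean ServerFlags option to True only if every occurrence enables it."""
    flags, in_flags = {}, False
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments (no '#' expected inside quotes)
        words = re.findall(r'"[^"]*"|\S+', line)
        if not words:
            continue
        key, args = words[0].lower(), [w.strip('"') for w in words[1:]]
        if key == "section" and args:
            in_flags = _norm(args[0]) == "serverflags"
        elif key == "endsection":
            in_flags = False
        elif in_flags and key == "option" and args:
            name = _norm(args[0])
            # A bare option, or one with an empty value, counts as true.
            value = (args[1].lower() if len(args) > 1 else "") or "true"
            if value not in TRUE | FALSE:
                continue
            state = value in TRUE
            if name.startswith("no") and name[2:] in REQUIRED:  # "No" prefix negates
                name, state = name[2:], not state
            flags[name] = flags.get(name, True) and state
    return flags

def missing_hardening(conf_text):
    """Return the required options that are absent or disabled."""
    flags = serverflags(conf_text)
    return [pretty for key, pretty in REQUIRED.items() if not flags.get(key, False)]

# Constructed sample configurations.
WEAK = 'Section "ServerFlags"\n    Option "DontZap" "off"\nEndSection\n'
HARDENED = ('Section "ServerFlags"\n    Option "DontVTSwitch" "True"\n'
            '    Option "Dont_Zap"  # bare option, enabled\nEndSection\n')

if __name__ == "__main__":
    # Usage: pass xorg.conf and any xorg.conf.d/*.conf files as arguments.
    text = "\n".join(open(p).read() for p in sys.argv[1:]) or WEAK
    gaps = missing_hardening(text)
    print("missing or disabled:", ", ".join(gaps) if gaps else "none")
```

An option that appears more than once is reported as enabled only if every occurrence enables it, which errs on the side of flagging a configuration for review.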