On Tue, Jan 26, 2010 at 02:15:13PM +0100, Josselin Mouette wrote: > Le mardi 26 janvier 2010 à 12:00 +0100, Bastian Blank a écrit : > > The OOM killer can always be forced with normal processes as long as > > over-commitment is enabled. So it is never save to add security measures > > within processes that can be killed seperately. > Do you also have any ideas of what screensavers should do to be secure > wrt. the OOM killer and similar attack vectors?
Move the locking themself into the X server and export the controls as extension. If the control process dies, the screen remains locked and can only be unlocked by a authenticated X connection. Bastian -- Beam me up, Scotty! It ate my phaser! -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org