On Thu, Jun 01, 2006 at 09:59:21AM -0400, Steven W. Orr wrote: > I have a security question that relates to how to get around xlock. There > are 2 scenarios. > > scenario #1: In this case, the system is not configured to run a graphic > login. User Freddy logs in in text mode and then runs startx. While > running his session, he locks the monitor using xlock. He walks away and > Boris Badinoff comes along. BB types "Ctl-Alt-F1" and is taken to the text > window that is running X. He then types Ctl-C and has commandeered the > text login and can do anything that that account allows. Thank you xlock.
This is a problem with Freddy's choices, not with xlock. He should have typed startx &, and once it was started, logged out of the text mode term. > scenario #2: In this case, the computer is configured to run at runlevel 5 > and Freddy logs in on a graphic login (i.e., xdm, kdm, etc...). BB comes > along and hits Ctl-Alt-F1 and gets taken to the mgetty prompt for > screen1. BB (or is it me) is stuck. > > Is it possible for BB to be able to do anything with the machine (short of > sticking a cd in and rebooting) in scenario 2 to get control of that > user's account? Not that I'm aware of. No more so than he would at the GDM screen, in any case. -- Christopher Schmidt Web Developer _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss