On Fri, Mar 23, 2012 at 7:48 PM, Brett <brett.ma...@gmx.com> wrote:
> On Fri, 23 Mar 2012 22:30:40 -0400
> Nick Holland <n...@holland-consulting.net> wrote:
>
>> On 03/23/12 22:02, Brett wrote:
>> > On Sat, 24 Mar 2012 02:43:53 +0100
>> > Henning Brauer <lists-open...@bsws.de> wrote:
>> >
>> >> * Brett <brett.ma...@gmx.com> [2012-03-24 01:56]:
>> >> > > its normal behaviour. from xorg.conf(5):
>> >> > >
>> >> > > Option "DontZap" "boolean"
>> >> > > This disallows the use of the Terminate_Server XKB action
>> >> > > (usually on Ctrl+Alt+Backspace, depending on XKB options).
>> >> > > This action is normally used to terminate the Xorg server. When
>> >> > > this option is enabled, the action has no effect. Default:
off.
>> >> >
>> >> > Would it make sense for this to be the "secure by default" default?
>> >>
>> >> how exactly is preventing yourself from killing your own X server
>> >> increasing security again?
>> >>
>> >
>> > By stopping anyone wandering by my desk (or the cat) from pressing a few
buttons and getting into a console.
>>
>> IF you are logging in at the console, then starting X, yes. There are a
>> few ways to get back to the console.
>>
>> However, if you are relying on xlock to keep people off your system, you
>> will want to use DontZap or use xdm to start X, rather than logging in,
>> starting X and leaving a console running.
>>
>> Note that if you are leaving a console logged in then starting X, a
>> CTRL-ALT-F1 (through F4) may take you somewhere you aren't expecting to
>> be able to get, DontZap or no DontZap.
>>
>> Nick.
>>
>
> Till now I falsely assumed that ctrl+alt+f1 behaved as ctrl+alt+{f2-f4}, and
went to a login: prompt. Sorry for the noise, DontZap on by default will not
improve security.
> I always used startx, will try out xdm. And shutdown my computers more
often!
Good idea. You never know what them sneaky cats are capable of! ;)
--patrick
