Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-20 Thread David J. Haines
On Jan 20, 2012 2:10 AM, Florian Pritz bluew...@xinu.at wrote:

 On 20.01.2012 02:18, David J. Haines wrote:
  On Thu, Jan 19, 2012 at 8:08 PM, Tavian Barnes
  taviana...@tavianator.com wrote:
  On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:
  a funny bug in the Xorg server that could allow attackers with physical
  access to a machine to bypass the screensaver/screen locker program.
  Most people use those programs to lock their computer when they are
  away. On Gnome, gnome-screensaver is responsible for this. On KDE,
  kscreenlocker is. There is a wide variety of smaller tools doing the
  same thing, e.g. slock, slimlock, i3lock...
 
  Read more:
 
  http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up
 
  ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.
 
  IMO, it's not an X.Org or configuration bug, it's a bug in all the
  screen lockers.
 
  http://seclists.org/oss-sec/2012/q1/217
 
  --
  Tavian Barnes
 
  No Happy Hacking Keyboard (1996 IBM Model M, baby!), but I do use a
  custom keyboard layout that allows me to type international letters
  and switch entirely to a phonetic Cyrillic layout.

 Please check if your custom layout contains the string XF86_ClearGrab
 (maybe also without the underscore) and if yes, replace it with
 NoSymbol. Don't forget to reload it afterwards.

 --
 Florian Pritz


I will be sure to do that, but that does seem only to address the symptom
and not the underlying sickness. As I intimated earlier, this is most
likely an issue for the app (or more precisely screen locking app) writers.

Thanks for what looks to be a great interim solution!


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-20 Thread David J. Haines
On Fri, Jan 20, 2012 at 7:53 AM, David J. Haines dhai...@gmail.com wrote:
 On Jan 20, 2012 2:10 AM, Florian Pritz bluew...@xinu.at wrote:

 On 20.01.2012 02:18, David J. Haines wrote:
  On Thu, Jan 19, 2012 at 8:08 PM, Tavian Barnes
  taviana...@tavianator.com wrote:
  On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:
  a funny bug in the Xorg server that could allow attackers with physical
  access to a machine to bypass the screensaver/screen locker program.
  Most people use those programs to lock their computer when they are
  away. On Gnome, gnome-screensaver is responsible for this. On KDE,
  kscreenlocker is. There is a wide variety of smaller tools doing the
  same thing, e.g. slock, slimlock, i3lock...
 
  Read more:
 
  http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up
 
  ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.
 
  IMO, it's not an X.Org or configuration bug, it's a bug in all the
  screen lockers.
 
  http://seclists.org/oss-sec/2012/q1/217
 
  --
  Tavian Barnes
 
  No Happy Hacking Keyboard (1996 IBM Model M, baby!), but I do use a
  custom keyboard layout that allows me to type international letters
  and switch entirely to a phonetic Cyrillic layout.

 Please check if your custom layout contains the string XF86_ClearGrab
 (maybe also without the underscore) and if yes, replace it with
 NoSymbol. Don't forget to reload it afterwards.

 --
 Florian Pritz


 I will be sure to do that, but that does seem only to address the symptom
 and not the underlying sickness. As I intimated earlier, this is most likely
 an issue for the app (or more precisely screen locking app) writers.

 Thanks for what looks to be a great interim solution!

FYI, this interim solution does work. I'll make sure that xscreensaver
upstream knows about this issue.

David J. Haines
dhai...@gmail.com


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-20 Thread Thomas Bächler
On 20.01.2012 02:08, Tavian Barnes wrote:
 IMO, it's not an X.Org or configuration bug, it's a bug in all the
 screen lockers.
 
 http://seclists.org/oss-sec/2012/q1/217
 

This post is horribly wrong.

1) The documentation cited is from Xorg 6.8, which is terribly old.
2) The options cited do not exist anymore.
3) With the removal of the 'misc' extension, the API to disable these
features does not exist anymore. Even when the options still existed,
the documentation was updated accordingly, see [1].

So, you are wrong, the screen lockers have no way to fight this.
Disabling these keys in keymaps is not an interim solution, but the
final one.

[1]
http://cgit.freedesktop.org/xorg/xserver/commit/?id=1a573e402ec112913a404f092b5b97d8d9210f94





Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-20 Thread David J. Haines
I stand corrected in my interim language.

David J. Haines
dhai...@gmail.com



On Fri, Jan 20, 2012 at 10:56 AM, Thomas Bächler tho...@archlinux.org wrote:
 On 20.01.2012 02:08, Tavian Barnes wrote:
 IMO, it's not an X.Org or configuration bug, it's a bug in all the
 screen lockers.

 http://seclists.org/oss-sec/2012/q1/217


 This post is horribly wrong.

 1) The documentation cited is from Xorg 6.8, which is terribly old.
 2) The options cited do not exist anymore.
 3) With the removal of the 'misc' extension, the API to disable these
 features does not exist anymore. Even when the options still existed,
 the documentation was updated accordingly, see [1].

 So, you are wrong, the screen lockers have no way to fight this.
 Disabling these keys in keymaps is not an interim solution, but the
 final one.

 [1]
 http://cgit.freedesktop.org/xorg/xserver/commit/?id=1a573e402ec112913a404f092b5b97d8d9210f94



Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-20 Thread Sébastien le Preste de Vauban

On 20/01/12 04:10, Florian Pritz wrote:

On 20.01.2012 02:18, David J. Haines wrote:

On Thu, Jan 19, 2012 at 8:08 PM, Tavian Barnes
taviana...@tavianator.com  wrote:

On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:

a funny bug in the Xorg server that could allow attackers with physical
access to a machine to bypass the screensaver/screen locker program.
Most people use those programs to lock their computer when they are
away. On Gnome, gnome-screensaver is responsible for this. On KDE,
kscreenlocker is. There is a wide variety of smaller tools doing the
same thing, e.g. slock, slimlock, i3lock...

Read more:
http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

IMO, it's not an X.Org or configuration bug, it's a bug in all the
screen lockers.

http://seclists.org/oss-sec/2012/q1/217

--
Tavian Barnes

No Happy Hacking Keyboard (1996 IBM Model M, baby!), but I do use a
custom keyboard layout that allows me to type international letters
and switch entirely to a phonetic Cyrillic layout.

Please check if your custom layout contains the string XF86_ClearGrab
(maybe also without the underscore) and if yes, replace it with
NoSymbol. Don't forget to reload it afterwards.

I did that and it solved the problem with the ctrl+alt+* key combo, but
I realized that ctrl+alt+/ does the same thing =(

I attach my custom xkbcomp file.


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-20 Thread Florian Pritz
On 20.01.2012 18:38, Sébastien le Preste de Vauban wrote:
 On 20/01/12 04:10, Florian Pritz wrote:
 On 20.01.2012 02:18, David J. Haines wrote:
 On Thu, Jan 19, 2012 at 8:08 PM, Tavian Barnes
 taviana...@tavianator.com  wrote:
 On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:
 a funny bug in the Xorg server that could allow attackers with physical
 access to a machine to bypass the screensaver/screen locker program.
 Most people use those programs to lock their computer when they are
 away. On Gnome, gnome-screensaver is responsible for this. On KDE,
 kscreenlocker is. There is a wide variety of smaller tools doing the
 same thing, e.g. slock, slimlock, i3lock...

 Read more:
 http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.
 IMO, it's not an X.Org or configuration bug, it's a bug in all the
 screen lockers.

 http://seclists.org/oss-sec/2012/q1/217

 --
 Tavian Barnes
 No Happy Hacking Keyboard (1996 IBM Model M, baby!), but I do use a
 custom keyboard layout that allows me to type international letters
 and switch entirely to a phonetic Cyrillic layout.
 Please check if your custom layout contains the string XF86_ClearGrab
 (maybe also without the underscore) and if yes, replace it with
 NoSymbol. Don't forget to reload it afterwards.

 I did that and it solved the problem with the ctrl+alt+* key combo, but
 I realized that ctrl+alt+/ does the same thing =(
 I attach my custom xkbcomp file.

The 4 debug symbols are: XF86LogGrabInfo, XF86Ungrab, XF86ClearGrab,
XF86LogWindowTree

Ungrab and ClearGrab can break things, while Log* are pretty harmless.

-- 
Florian Pritz





Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-20 Thread Sébastien le Preste de Vauban

On 20/01/12 15:07, Florian Pritz wrote:

On 20.01.2012 18:38, Sébastien le Preste de Vauban wrote:

On 20/01/12 04:10, Florian Pritz wrote:

On 20.01.2012 02:18, David J. Haines wrote:

On Thu, Jan 19, 2012 at 8:08 PM, Tavian Barnes
taviana...@tavianator.com   wrote:

On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:

a funny bug in the Xorg server that could allow attackers with physical
access to a machine to bypass the screensaver/screen locker program.
Most people use those programs to lock their computer when they are
away. On Gnome, gnome-screensaver is responsible for this. On KDE,
kscreenlocker is. There is a wide variety of smaller tools doing the
same thing, e.g. slock, slimlock, i3lock...

Read more:
http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

IMO, it's not an X.Org or configuration bug, it's a bug in all the
screen lockers.

http://seclists.org/oss-sec/2012/q1/217

--
Tavian Barnes

No Happy Hacking Keyboard (1996 IBM Model M, baby!), but I do use a
custom keyboard layout that allows me to type international letters
and switch entirely to a phonetic Cyrillic layout.

Please check if your custom layout contains the string XF86_ClearGrab
(maybe also without the underscore) and if yes, replace it with
NoSymbol. Don't forget to reload it afterwards.


I did that and it solved the problem with the ctrl+alt+* key combo, but
I realized that ctrl+alt+/ does the same thing =(
I attach my custom xkbcomp file.

The 4 debug symbols are: XF86LogGrabInfo, XF86Ungrab, XF86ClearGrab,
XF86LogWindowTree

Ungrab and ClearGrab can break things, while Log* are pretty harmless.


Thanks, removing all references to Ungrab and ClearGrab solved the problem.
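
Added example (not part of any message in this thread, and not code from any poster or project): a checker for a custom keymap dump that applies the fix discussed above, replacing the `Ungrab`/`ClearGrab` keysyms with `NoSymbol` in key definitions, in both the underscore and non-underscore spellings. The sample keymap is constructed, and leaving `interpret` entries untouched (reported only) is this example's own choice.

```python
import re
import sys

# The two debug keysyms the thread singles out as able to break a locker's
# grab. Older keymaps spell them with an underscore (XF86_ClearGrab).
GRAB_SYM = re.compile(r"\bXF86_?(?:Ungrab|ClearGrab)\b")
KEY_NAME = re.compile(r"\bkey\s*<(\w+)>")
INTERPRET = re.compile(r"\s*interpret\b")

# Constructed sample in the style of an xkbcomp dump; not taken from the thread.
SAMPLE = """\
xkb_symbols "constructed" {
    key <KPDV> {
        type= "CTRL+ALT",
        symbols[Group1]= [ KP_Divide, KP_Divide, KP_Divide, KP_Divide, XF86_Ungrab ]
    };
    key <KPMU> {
        type= "CTRL+ALT",
        symbols[Group1]= [ KP_Multiply, KP_Multiply, KP_Multiply, KP_Multiply, XF86ClearGrab ]
    };
    key <FK11> { [ F11, F11, F11, F11, XF86LogGrabInfo ] };
};
xkb_compatibility "constructed" {
    interpret XF86_ClearGrab+AnyOfOrNone(all) {
        action= Private(type=0x86,data="ClsGrb");
    };
};
"""


def scrub_keymap(text):
    """Return (scrubbed_text, findings) for a keymap dump.

    findings holds (line_no, key_name, symbol, action) tuples. Symbols bound
    to a key are replaced with NoSymbol. Symbols inside an interpret block are
    only reported ("kept"): once no key emits the keysym, that entry can no
    longer match anything.
    """
    out, findings = [], []
    in_interpret = False
    current_key = None
    for line_no, line in enumerate(text.splitlines(), 1):
        if INTERPRET.match(line):
            in_interpret = True
        key = KEY_NAME.search(line)
        if key and not in_interpret:
            current_key = key.group(1)
        hits = GRAB_SYM.findall(line)
        if in_interpret:
            findings += [(line_no, None, sym, "kept") for sym in hits]
            if "};" in line:  # end of the interpret statement
                in_interpret = False
        else:
            findings += [(line_no, current_key, sym, "replaced") for sym in hits]
            line = GRAB_SYM.sub("NoSymbol", line)
        out.append(line)
    return "\n".join(out) + "\n", findings


if __name__ == "__main__":
    # Usage: scrub.py keymap.xkb > fixed.xkb   (no argument: run on SAMPLE)
    source = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    scrubbed, found = scrub_keymap(source)
    for line_no, key, sym, action in found:
        where = f"key <{key}>" if key else "interpret entry"
        print(f"line {line_no}: {sym} in {where}: {action}", file=sys.stderr)
    sys.stdout.write(scrubbed)
```

A running keymap can be dumped with `xkbcomp $DISPLAY keymap.xkb` and the scrubbed file loaded back with `xkbcomp fixed.xkb $DISPLAY`; rerunning the script on the new dump should report no "replaced" lines.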


[arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Dmitry Korzhevin
a funny bug in the Xorg server that could allow attackers with physical
access to a machine to bypass the screensaver/screen locker program.
Most people use those programs to lock their computer when they are
away. On Gnome, gnome-screensaver is responsible for this. On KDE,
kscreenlocker is. There is a wide variety of smaller tools doing the
same thing, e.g. slock, slimlock, i3lock...

Read more:
http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

-- 
Best regards,
Dmitry Korzhevin
Tel: +38 (039) 295-
Office Phone: +38 (044) 383-14-12
E-mail: dkorzhe...@lsupport.net
Jabber ID: dkorzhe...@lsupport.net
Skype: dkorzhevin
URL: http://lsupport.net
Linux Support LLC


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Karol Blazewicz
On Fri, Jan 20, 2012 at 12:23 AM, Dmitry Korzhevin
dkorzhe...@lsupport.net wrote:
 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

On a fully updated system?
http://mailman.archlinux.org/pipermail/arch-general/2012-January/024298.html


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Karol Blazewicz
On Fri, Jan 20, 2012 at 12:28 AM, David J. Haines dhai...@gmail.com wrote:
 On Thu, Jan 19, 2012 at 6:26 PM, Karol Blazewicz
 karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:23 AM, Dmitry Korzhevin
 dkorzhe...@lsupport.net wrote:
 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

 On a fully updated system?
 http://mailman.archlinux.org/pipermail/arch-general/2012-January/024298.html

 It works on mine as well. Fully updated.

Just to make sure: are you running xkeyboard-config 2.4.1-3?


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread David J. Haines
On Thu, Jan 19, 2012 at 6:30 PM, Karol Blazewicz
karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:28 AM, David J. Haines dhai...@gmail.com wrote:
 On Thu, Jan 19, 2012 at 6:26 PM, Karol Blazewicz
 karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:23 AM, Dmitry Korzhevin
 dkorzhe...@lsupport.net wrote:
 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

 On a fully updated system?
 http://mailman.archlinux.org/pipermail/arch-general/2012-January/024298.html

 It works on mine as well. Fully updated.

 Just to make sure: are you running xkeyboard-config 2.4.1-3?

Yep.

David J. Haines
dhai...@gmail.com


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Karol Blazewicz
On Fri, Jan 20, 2012 at 12:32 AM, David J. Haines dhai...@gmail.com wrote:
 On Thu, Jan 19, 2012 at 6:30 PM, Karol Blazewicz
 karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:28 AM, David J. Haines dhai...@gmail.com wrote:
 On Thu, Jan 19, 2012 at 6:26 PM, Karol Blazewicz
 karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:23 AM, Dmitry Korzhevin
 dkorzhe...@lsupport.net wrote:
 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

 On a fully updated system?
 http://mailman.archlinux.org/pipermail/arch-general/2012-January/024298.html

 It works on mine as well. Fully updated.

 Just to make sure: are you running xkeyboard-config 2.4.1-3?

 Yep.

Then please ask for reopening of this report
https://bugs.archlinux.org/task/28008 and say that you have
xkeyboard-config 2.4.1-3 and the hack still works.


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Ionut Biru
On 01/20/2012 01:32 AM, David J. Haines wrote:
 On Thu, Jan 19, 2012 at 6:30 PM, Karol Blazewicz
 karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:28 AM, David J. Haines dhai...@gmail.com wrote:
 On Thu, Jan 19, 2012 at 6:26 PM, Karol Blazewicz
 karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:23 AM, Dmitry Korzhevin
 dkorzhe...@lsupport.net wrote:
 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

 On a fully updated system?
 http://mailman.archlinux.org/pipermail/arch-general/2012-January/024298.html

 It works on mine as well. Fully updated.

 Just to make sure: are you running xkeyboard-config 2.4.1-3?
 
 Yep.
 
 David J. Haines
 dhai...@gmail.com

have you restarted X since the update?

-- 
Ionuț





Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Michael Holmes
Cannot reproduce, using xkeyboard-config 2.4.1-3, xscreensaver with
Xfce 4.8. Looks like the testing version has this patched.


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Karol Blazewicz
On Fri, Jan 20, 2012 at 12:50 AM, Michael Holmes holmesm...@gmail.com wrote:
 Cannot reproduce, using xkeyboard-config 2.4.1-3, xscreensaver with
 Xfce 4.8. Looks like the testing version has this patched.

There's none, the only xkeyboard-config we have in the synced mirrors
is already in extra:
http://www.archlinux.org/packages/?sort=&q=xkeyboard-config&maintainer=&last_update=&flagged=&limit=50


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread David J. Haines
On Thu, Jan 19, 2012 at 6:38 PM, Ionut Biru ib...@archlinux.org wrote:
 On 01/20/2012 01:32 AM, David J. Haines wrote:
 On Thu, Jan 19, 2012 at 6:30 PM, Karol Blazewicz
 karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:28 AM, David J. Haines dhai...@gmail.com wrote:
 On Thu, Jan 19, 2012 at 6:26 PM, Karol Blazewicz
 karol.blazew...@gmail.com wrote:
 On Fri, Jan 20, 2012 at 12:23 AM, Dmitry Korzhevin
 dkorzhe...@lsupport.net wrote:
 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

 On a fully updated system?
 http://mailman.archlinux.org/pipermail/arch-general/2012-January/024298.html

 It works on mine as well. Fully updated.

 Just to make sure: are you running xkeyboard-config 2.4.1-3?

 Yep.

 David J. Haines
 dhai...@gmail.com

 have you restarted X since the update?

 --
 Ionuț


I just restarted, and it's exhibiting the same behavior.


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Karol Blazewicz
On Fri, Jan 20, 2012 at 1:04 AM, David J. Haines dhai...@gmail.com wrote:
 I just restarted, and it's exhibiting the same behavior.

Do you have a Happy Hacking Keyboard? ;-)


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Don Juan

On 01/19/2012 04:04 PM, David J. Haines wrote:

On Thu, Jan 19, 2012 at 6:38 PM, Ionut Biru ib...@archlinux.org wrote:

On 01/20/2012 01:32 AM, David J. Haines wrote:

On Thu, Jan 19, 2012 at 6:30 PM, Karol Blazewicz
karol.blazew...@gmail.com  wrote:

On Fri, Jan 20, 2012 at 12:28 AM, David J. Haines dhai...@gmail.com wrote:

On Thu, Jan 19, 2012 at 6:26 PM, Karol Blazewicz
karol.blazew...@gmail.com  wrote:

On Fri, Jan 20, 2012 at 12:23 AM, Dmitry Korzhevin
dkorzhe...@lsupport.net  wrote:

ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

On a fully updated system?
http://mailman.archlinux.org/pipermail/arch-general/2012-January/024298.html

It works on mine as well. Fully updated.

Just to make sure: are you running xkeyboard-config 2.4.1-3?

Yep.

David J. Haines
dhai...@gmail.com

have you restarted X since the update?

--
Ionuț


I just restarted, and it's exhibiting the same behavior.

Happens for me as well, fully updated and restarted.


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Don Juan

On 01/19/2012 04:07 PM, Karol Blazewicz wrote:

On Fri, Jan 20, 2012 at 1:04 AM, David J. Haines dhai...@gmail.com wrote:

I just restarted, and it's exhibiting the same behavior.

Do you have a Happy Hacking Keyboard? ;-)

Retract my last statement. I do not have the issue still my bad :(


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Mauro Santos
On 20-01-2012 00:08, Don Juan wrote:

 I just restarted, and it's exhibiting the same behavior.
 Happens for me as well, fully updated and restarted.
 

Works fine here. Fully up-to-date x86_64, radeon driver, xscreensaver, xfce.

-- 
Mauro Santos


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Tavian Barnes
On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:
 a funny bug in the Xorg server that could allow attackers with physical
 access to a machine to bypass the screensaver/screen locker program.
 Most people use those programs to lock their computer when they are
 away. On Gnome, gnome-screensaver is responsible for this. On KDE,
 kscreenlocker is. There is a wide variety of smaller tools doing the
 same thing, e.g. slock, slimlock, i3lock...

 Read more:
 http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

IMO, it's not an X.Org or configuration bug, it's a bug in all the
screen lockers.

http://seclists.org/oss-sec/2012/q1/217

-- 
Tavian Barnes


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread David J. Haines
On Thu, Jan 19, 2012 at 8:08 PM, Tavian Barnes
taviana...@tavianator.com wrote:
 On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:
 a funny bug in the Xorg server that could allow attackers with physical
 access to a machine to bypass the screensaver/screen locker program.
 Most people use those programs to lock their computer when they are
 away. On Gnome, gnome-screensaver is responsible for this. On KDE,
 kscreenlocker is. There is a wide variety of smaller tools doing the
 same thing, e.g. slock, slimlock, i3lock...

 Read more:
 http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

 IMO, it's not an X.Org or configuration bug, it's a bug in all the
 screen lockers.

 http://seclists.org/oss-sec/2012/q1/217

 --
 Tavian Barnes

No Happy Hacking Keyboard (1996 IBM Model M, baby!), but I do use a
custom keyboard layout that allows me to type international letters
and switch entirely to a phonetic Cyrillic layout.

In playing about, it looks like if your WM (or another program?) grabs
the alt key, as does xmonad by default, then the combination won't
produce the result. I have Caps Lock send mod4mask (the Windows key),
have left Alt send Alt, and right Alt send AltGr. I can kill
xscreensaver with Ctrl-Left Alt-Keypad *, but not with Right Alt,
which would make sense given the keyboard setup.

In the end, though, I think Tavian is right. Before they reintroduced
this feature, it was up to applications to disable it themselves,
IIRC.


Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Florian Pritz
On 20.01.2012 02:08, Tavian Barnes wrote:
 On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:
 a funny bug in the Xorg server that could allow attackers with physical
 access to a machine to bypass the screensaver/screen locker program.
 Most people use those programs to lock their computer when they are
 away. On Gnome, gnome-screensaver is responsible for this. On KDE,
 kscreenlocker is. There is a wide variety of smaller tools doing the
 same thing, e.g. slock, slimlock, i3lock...

 Read more:
 http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.
 
 IMO, it's not an X.Org or configuration bug, it's a bug in all the
 screen lockers.
 
 http://seclists.org/oss-sec/2012/q1/217
 

http://cgit.freedesktop.org/xorg/xserver/commit/?id=1a573e402ec112913a404f092b5b97d8d9210f94

http://cgit.freedesktop.org/xorg/xserver/commit/?id=22e64108ec63ba9891f8df237913ef9ca731

-- 
Florian Pritz





Re: [arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

2012-01-19 Thread Florian Pritz
On 20.01.2012 02:18, David J. Haines wrote:
 On Thu, Jan 19, 2012 at 8:08 PM, Tavian Barnes
 taviana...@tavianator.com wrote:
 On 19 January 2012 18:23, Dmitry Korzhevin dkorzhe...@lsupport.net wrote:
 a funny bug in the Xorg server that could allow attackers with physical
 access to a machine to bypass the screensaver/screen locker program.
 Most people use those programs to lock their computer when they are
 away. On Gnome, gnome-screensaver is responsible for this. On KDE,
 kscreenlocker is. There is a wide variety of smaller tools doing the
 same thing, e.g. slock, slimlock, i3lock...

 Read more:
 http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

 ctrl+alt+* (on num lock keyboard) confirmed and works in Arch Linux.

 IMO, it's not an X.Org or configuration bug, it's a bug in all the
 screen lockers.

 http://seclists.org/oss-sec/2012/q1/217

 --
 Tavian Barnes
 
 No Happy Hacking Keyboard (1996 IBM Model M, baby!), but I do use a
 custom keyboard layout that allows me to type international letters
 and switch entirely to a phonetic Cyrillic layout.

Please check if your custom layout contains the string XF86_ClearGrab
(maybe also without the underscore) and if yes, replace it with
NoSymbol. Don't forget to reload it afterwards.

-- 
Florian Pritz


