[633] in linux-security and linux-alert archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[linux-security] Security hole in xlock

daemon@ATHENA.MIT.EDU (Robert Nichols)
Sun Mar 10 16:31:39 1996

Date: Thu, 7 Mar 96 07:06 CST
From: rnichols@interaccess.com (Robert Nichols)
To: linux-security@tarsier.cv.nrao.edu

I don't know whether this is Linux-specific, but 'xlock' really should
disable Ctrl-Alt-Backspace.  If X is started from a login session, C-A-B
allows anyone walking up to the keyboard to escape back to the invoking
user's login shell unless that user had the foresight to use 'exec' when
invoking X.

BTW, I'm still running XFree86 2.1.1.  I apologize if this has been
fixed in a newer release.

-- 
Bob Nichols         rnichols@interaccess.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[633] in linux-security and linux-alert archive

[linux-security] Security hole in xlock

daemon@ATHENA.MIT.EDU (Robert Nichols)Sun Mar 10 16:31:39 1996

daemon@ATHENA.MIT.EDU (Robert Nichols)
Sun Mar 10 16:31:39 1996