[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Security hole (or feature ;) in KDE Screensavers
From: Geert Jansen <g.t.jansen () stud ! tue ! nl>
Date: 1999-10-16 18:16:30
[Download RAW message or body]
Markus Goetz wrote:
> when i use a screen saver to protect my computer while i am away, anybody who
> wants to acess my computer needs the password.
>
> But this is really NO PROTECTION ... if i do a startx from tty1, my X11 is on
> tty7 .. The one who wants acess to my account when i am away from my desktop
> does just have to press CTRL+ALT+F1, then he gets to the X11 Output where i
> used startx to start X11... so now he just has to press CTRL+C to kill X11 and
> has acess to my account and may type rm -rf $HOME ...
>
> So why the hell is there a password protection in the kde screen savers if it
> is useless ???
It is safe when you start X from x/kdm. This is recommended anyway because
then the X server doesn't need to be suid root.
Greetings,
--
Geert Jansen email: <g.t.jansen at stud.tue.nl>
Phylosopher, Physicist PGP key ID: 0xD2B5E7CE
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic