[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: Security hole (or feature ;) in KDE Screensavers
From: Rob Kaper <cap () capsi ! cx>
Date: 1999-10-16 18:31:54
[Download RAW message or body]
On Sat, Oct 16, 1999 at 09:40:25PM +0200, Markus Goetz wrote:
> But this is really NO PROTECTION ... if i do a startx from tty1, my X11 is on
> tty7 .. The one who wants acess to my account when i am away from my desktop
> does just have to press CTRL+ALT+F1, then he gets to the X11 Output where i
> used startx to start X11... so now he just has to press CTRL+C to kill X11 and
> has acess to my account and may type rm -rf $HOME ...
>
> So why the hell is there a password protection in the kde screen savers if it
> is useless ???
It is not.
I have 'startx' aliased as 'exec startx', which means my shell is being
replaced with the startx command/program and as soon as X terminates I will
be logged out.
Also, not everyone enters KDE/X throught startx. Many users log in via
xdm/kdm from a special runlevel, or connect from a X-terminal (the actual
account etc would be located on a completely different computer).
Why the hell is there password protection in Linux when it's useless? Anyone
with a bootdisk or two can mount the original harddrive, use a passwd tool
on /mnt/etc/passwd and change the root password.
Rob
--
Rob Kaper | mail: cap@capsi.com + cap@capsi.cx
| web: http://capsi.com/ + http://capsi.cx/
| "With a bushel of apples, you can have a hell of a time with the
| doctor's wife."
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic