TCLUG Archive

Re: [TCLUG:9550] Security Tidbit

If you have vlock installed you can lock your machine by doing
something like:

	startx & vlock

or if you don't:

	startx & exit

which does exactly the same thing as exec startx.

The important point you've noticed is that you (with Red Hat, by
default) have 6 virtual terminals and possibly an X server running, and
if you don't secure them, they are open to the casual passerby. Try
pressing <CTRL>+<ALT>+<F1> when your screen is xlock-ed and you might
find that you don't have to shutdown X to get at your console.

> One way to slow them down a bit is to disable that function in the
> XF86Config file (I think it's the "DontZap" option?), but I still wanted
> a way to get out of X should things get "funny"...

Absolutely.

Have the happiest Friday possible,

Troy

"Scott K . Johnson" wrote:
> 
> Hello All,
> 
> I recently learned a little security tidbit that I found interesting,
> and thought I'd pass it along.
> 
> When I start my X session, I simply type "startx" at the prompt after
> I've logged into the machine.  When I step away from my desk, or for
> that matter go home for the night, I assumed that because I was running
> a password "protected" screensaver, that I was somewhat protected.
> (In most cases however, if an attacker has physical access you're in
> pretty big trouble anyhow...)
> 
> What happens if they walk up, and press <CTL><ALT><BKSP>??  Well, it
> kills X, and dumps you right into your logged in "console" session!!!
> 
> I wasn't very comfortable knowing it was _THAT_ easy...
> 
> One way to slow them down a bit is to disable that function in the
> XF86Config file (I think it's the "DontZap" option?), but I still wanted
> a way to get out of X should things get "funny"...
> 
> A co-worker of mine suggested that when she starts her X session, rather
> than simply typing "startx", she does "exec startx".  When you
> <CTL><ALT><BKSP> out of X when started that way, it will dump you to a
> login prompt rather than your logged in console prompt.
> 
> Most of you veterans probably already knew this, but for the purpose of
> general education I thought it was worth saying.
> 
> And yes, like I said, if the potential attacker has physical access to
> your box, you're pretty much screwed in most cases.  But, the approach
> above should help deter simple stuff...??
> 
> I like starting security discussions anyway, because I always
> learn a lot from the resulting discussions.
> 
> Thoughts, comments, etc??
> 
> Scott K. Johnson
> seker@uswest.net
> 
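As an added example (not code from Troy, Scott or the TCLUG list), here is a small POSIX shell script that checks the two things this thread turns on: whether an XF86Config really has DontZap in force in its ServerFlags section (stock files usually ship with the line commented out, which the check treats as disabled), and what the exec keyword changes about the shell that launched X. The sample config files are constructed for the demo, and `true` stands in for startx so the script runs without an X server.

```shell
#!/bin/sh
# Added example, not code from either poster. Two checks around the advice
# in this thread: (1) is DontZap actually active in an XF86Config, and
# (2) what "exec" changes about the shell that started X.

# dontzap_enabled [FILE]  -> exit 0 if DontZap is active inside a
# ServerFlags section, 1 otherwise (reads stdin when no FILE is given).
# Understands the XFree86 3.x bare keyword and the 4.x
#   Option "DontZap" "true"
# form. Commented-out lines do not count, which matters because stock
# configs ship the line commented out.
dontzap_enabled() {
    awk '
        /^[[:space:]]*#/ { next }                            # comment line
        /^[[:space:]]*Section[[:space:]]+"ServerFlags"/ { inflags = 1; next }
        /^[[:space:]]*EndSection/ { inflags = 0; next }
        !inflags { next }                                    # other sections
        /^[[:space:]]*DontZap([[:space:]]|$)/ { found = 1 }  # 3.x keyword
        /^[[:space:]]*Option[[:space:]]+"DontZap"/ {         # 4.x Option
            # a bare  Option "DontZap"  means true; otherwise check the value
            val = (NF >= 3) ? tolower($3) : ""
            if (val == "" || substr(val, 1, 1) == "#" || val ~ /^"(true|on|yes|1)"$/)
                found = 1
        }
        END { exit(found ? 0 : 1) }
    ' ${1:+"$1"}
}

# shell_survives_after_x plain|exec  -> exit 0 if the shell that launched
# "X" is still alive after X exits. `true` is a constructed stand-in for
# startx; the only difference between the two branches is the exec keyword.
shell_survives_after_x() {
    case $1 in
        exec)  launch='exec true' ;;
        plain) launch='true' ;;
        *)     echo "usage: shell_survives_after_x plain|exec" >&2; return 2 ;;
    esac
    # if the shell is still there after the fake X exits, it prints a marker;
    # after exec the shell has been replaced, so nothing is printed
    marker=$(sh -c "$launch; echo still-here")
    [ "$marker" = still-here ]
}

# --- demo on constructed config fragments -----------------------------
tmp=$(mktemp -d) || exit 1
# stock-style file: DontZap present but commented out (zap still works)
cat > "$tmp/stock.XF86Config" <<'EOF'
Section "ServerFlags"
    # DontZap
EndSection
EOF
# hardened file: DontZap in force
cat > "$tmp/hardened.XF86Config" <<'EOF'
Section "ServerFlags"
    DontZap    # Ctrl+Alt+Backspace no longer kills the server
EndSection
EOF
for f in "$tmp"/*.XF86Config; do
    if dontzap_enabled "$f"; then
        echo "$f: DontZap set"
    else
        echo "$f: zap still enabled"
    fi
done
for style in plain exec; do
    if shell_survives_after_x "$style"; then
        echo "$style startx: logged-in shell still on the VT after X dies"
    else
        echo "$style startx: nothing left on the VT, back to the login prompt"
    fi
done
rm -rf "$tmp"
```

The second check is the whole point of `exec startx`: exec replaces the login shell with the X server process, so once the server exits (zapped or otherwise) there is no shell left on that virtual terminal and the login prompt comes back, which is the behaviour Scott describes. DontZap only governs the Ctrl+Alt+Backspace sequence itself; it does nothing about the other virtual terminals Troy mentions, which still need locking separately.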