Xserver screen locking/virtual console security

rfarma5 · 06-23-2004, 04:41 PM

I have done some searching around but have not been able to find a satisfactory answer to this question, perhaps due to the fact that I am not sure exactly what terms to use in my searching.

When you have not set up xdm, kdm, gdm, etc - and are just using the plain old text login, then using "startx" to begin your xsession, I seem to have found a security "issue" that I cannot find an answer for...
When using either xlock or kde's screen saver/Lock Desktop feature w/ password protection, if you push a button or move the mouse it will prompt for a password, however using the CTRL-ALT-F1 combination brings me to the tty0 where the X session was started from. I can then use Ctrl-Z to background the startx process and kill off the screensaver process, switch back to virtual console 7 and just like that I've defeated the "Lock Desktop" mechanism. At home this is not a concern, however at work I lock my computer every time I step away even for a moment, yet it seems to be wide open to any knowledgeable person.

If this is a common problem/issue that has already been addressed, please at least point me in the right direction, or at most tell me how to secure against this type of workaround.

Thanks

ToniT · 06-23-2004, 05:27 PM

Code:

startx &
disown
exit

or

Code:

startx
[Ctrl-Z]
bg
disown
exit

The disown command throws the child process (startx) out of the shell session so that it is not killed (with HUP) when the shell is closed. exit closes the shell.
(BTW: I'm assuming you are using bash.)

rfarma5 · 06-23-2004, 05:36 PM

indeed I am using bash... thanks for the answer, I'll have to give it a round and then see what I can make of turning it into a shell script so I don't have to do that every time.

Thanks