Screen Locking Problems
David Curry
dsccable at comcast.net
Thu Mar 3 03:32:37 UTC 2005
Matthew Miller wrote:
>On Wed, Mar 02, 2005 at 04:23:37PM -0500, David Curry wrote:
>
>
>>back to init level 3. If the user's username and password are known to
>>someone else, that someone else could easily kill the X session and log
>>back in to X.org as the party who set the screenlock. In addition,
>>
>>
>
>Errr, if they know the username and password, they could just unlock the
>screensaver, with no need to kill the session.
>
>
>
Twas dumb. Fingers working faster than the brain.
>>Screensaver -> Help - > Frequently Asked questions -> #22 points out
>>that if the user is logged into a non-X console session, Ctl-Alt-F1 on
>>the keyboard will switch the screen to that non-X console.
>>
>>
>
>And again require a login. If you want to disable this (for a kiosk, say),
>set the DontVTSwitch option to true. (You can also set DontZap, to disable
>Ctrl-Alt-Backspace, if you want.)
>
>
>
Thanks for the info.
>>I haven't really explored either one of the things suggested by the faq,
>>but it seems to me that screen lock has real weaknesses as an overnight
>>security measure.
>>
>>
>
>It might, but I don't see how it's the things you've listed.
>
>
>
>
More information about the fedora-list
mailing list