On 20.01.2012 02:18, David J. Haines wrote:
On Thu, Jan 19, 2012 at 8:08 PM, Tavian Barnes <tavianator@tavianator.com> wrote:
On 19 January 2012 18:23, Dmitry Korzhevin <dkorzhevin@lsupport.net> wrote:
a funny bug in the Xorg server that could allow attackers with physical access to a machine to bypass the screensaver/screen locker program. Most people use those programs to lock their computer when they are away. On Gnome, gnome-screensaver is responsible for this. On KDE, kscreenlocker is. There is a wide variety of smaller tools doing the same thing, e.g. slock, slimlock, i3lock...
Read more: http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-11...
ctrl+atl+*(on num lock keyboard) confirmed and work in arch linux.
IMO, it's not an X.Org or configuration bug, it's a bug in all the screen lockers.
http://seclists.org/oss-sec/2012/q1/217
-- Tavian Barnes
No Happy Hacking Keyboard (1996 IBM Model M, baby!), but I do use a custom keyboard layout that allows me to type international letters and switch entirely to a phonetic Cyrillic layout.
Please check if your custom layout contains the string "XF86_ClearGrab" (maybe also without the underscore) and if yes, replace it with "NoSymbol". Don't forget to reload it afterwards. -- Florian Pritz