[arch-general] FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up
Tavian Barnes
tavianator at tavianator.com
Thu Jan 19 20:08:12 EST 2012
On 19 January 2012 18:23, Dmitry Korzhevin <dkorzhevin at lsupport.net> wrote:
> a funny bug in the Xorg server that could allow attackers with physical
> access to a machine to bypass the screensaver/screen locker program.
> Most people use those programs to lock their computer when they are
> away. On Gnome, gnome-screensaver is responsible for this. On KDE,
> kscreenlocker is. There is a wide variety of smaller tools doing the
> same thing, e.g. slock, slimlock, i3lock...
>
> Read more:
> http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up
>
> ctrl+atl+*(on num lock keyboard) confirmed and work in arch linux.
IMO, it's not an X.Org or configuration bug, it's a bug in all the
screen lockers.
http://seclists.org/oss-sec/2012/q1/217
--
Tavian Barnes
More information about the arch-general
mailing list