Roman Garcia wrote:>
> Hi,
> Maybe I found a hole in the security on Linux running X-Windows.
> Supose that you logged as root. If you locks the screen (at least
> using openwindows+virtual desktop and xlock), anybody can press
> <Ctrl><Alt><Backspace>, that kills the xserver, giving
the root
> prompt in the console. You can disable this in the XF86Config file,
> but anybody can press <Ctrl><Alt><Fn> and then
<Ctrl><C> killing the
> xserver and giving the root prompt.
> How can disable <Ctrl><Alt>F_n>? Are there other ways to get
root
> prompt? How much secure is xlock?
> Thanks in advance. Roman Garcia.
There was talk about allowing a config option to disable console
switching on the XFree list. I don''t rember wether that was added or
not, and what the option would be.
There are several ways to prevent the "root" access you describe.
You could use "xdm". That way nobody has to login on a VC to start
X. If you don''t have enough memory to allow running xdm all the time,
you can type
exec startx
instead of the normal "startx". This should log you out as soon as
the X server quits.
Roger.