On Tue, Mar 05, 2002 at 08:04:19AM +0200, Shlomi Fish wrote: > > I always considered Run Level 5 as a very bad idea, which I'll never want > to use. However, I recently run into a dillema here at the Computer > Networks farm. If I start X from the console and lock it, then a malicious > user can switch to the console from which it was invoked, press Ctrl+C or > Ctrl+Z and gain my permissions. > > Naturally, there are ways to overcome it:
Oh, just use "exec startx" instead of "startx", and the attacker will have no login shell left to attack. "startx >startx.log 2>&1 </dev/null & exit" if you don't want to leave startx on the tty either. That is sort of what xdm does, too. I love it when seemingly complicated problems can be solved with basic UNIX concepts :) ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
