I suggest you take a look at this: https://notabug.org/kl3/slock
it was used to be called "slock for the absolute paranoid", but this dude
wanted to go further with it and make it fit his taste, but there are some security stuff he did there, check it out. -- Raiz On 2016-09-28 21:33, FRIGN wrote:
Hello fellow hackers, the question has been floating around for quite some time on the internet, but I think it is a good place to answer it in the manual of our screen locker. Is slock really secure and if not, how can I harden it so that nobody can access my machine? There are two ways one can possibly circumvent a locked X screen (not including security holes in the Kernel) 1) switch to a different VT that is logged in. Then there, proceed to kill slock and switch back the now unlocked VT. 2) kill the X server with Ctrl+Alt+Backspace (if enabled). If no login manager is used, this yields an open shell. All work within the X session is usually lost, but the attacker still has access to the user data. Sysrq can be used to kill all running processes, but this also logs out the user and thus is no problem. I did not add it here because if somebody wants to "pwn" the user he can just unplug the computer or take out the battery to destroy all the work. You can disable VT switching and Ctrl+Alt+Backspace (this also overrides the local Xkb settings and is thus foolproof) for sure by setting two options in xorg.conf. See the patch for details on the instructions. Cheers FRIGN
