On 10/27/20 2:37 PM, evado...@gmail.com wrote:
Qubes by default protected from this key combinations?

Backdoor #1: Ctrl-Alt-Backspace.

     This keystroke kills the X server, and on some systems, leaves you at a
text console. If the user launched X11 manually, that text console will
still be logged in. To disable this keystroke globally and permanently, you
need to set the DontZap flag in your xorg.conf or XF86Config or
XF86Config-4 file (whichever name is in use on your system). See the manual
for XF86Config (or variant) for more details.

Didn't work with physlock, but I don't have xscreenlock.
I wonder where #2 went. ;-)

Backdoor #3: Alt-SysRq-F.

     This is the Linux kernel "OOM-killer" keystroke. It shoots down random
long-running programs of its choosing, and so might might target and kill
xscreensaver, and there's no way for xscreensaver to protect itself from
that. You can disable it globally with: sudo 'echo 176 >

I got "This sysrq operation is disabled" for that one.

     (As of version 5.41, if xscreensaver is setuid, and you are running
Linux 2.6.37 or newer, xscreensaver attempts to request that the kernel's
out-of-memory assassin not randomly unlock the screen on you, but it's only
a request.)
Backdoor #4: Ctrl-Alt-KP_Multiply.

     This keystroke kills any X11 app that holds a lock, so typing this will
kill xscreensaver and unlock the screen. This "feature" showed up in the X
server in 2008, and as of 2011, some vendors are shipping it turned on by
default. How nice. You can disable it by turning off AllowClosedownGrabs in

No keypad to test...

You might be interested in [1] and [2].

[2] https://github.com/QubesOS/qubes-issues/issues/1917

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to