Re: bypass xlock/slock
Thus said Alex Greif on Mon, 09 Mar 2015 10:25:28 +0100: > - run X session with startx Run: exec startx Instead. Andy -- TAI64 timestamp: 400054fdc9c3
Re: bypass xlock/slock
Alexandre Ratchov wrote: > On Mon, Mar 09, 2015 at 10:25:28AM +0100, Alex Greif wrote: > > Hi, > > > > I am currently trying to find a solution to lock my desktop system (openbsd > > 5.6, amd64), but with the following steps I can always bypass xlock or > > slock: > > > > - run X session with startx > > - lock it with xlock or slock > > - switch to text console 2 (with [CTRL]+[ALT]+[F2]) > > - switch to text console 1, where X server seems to run in foreground. The > > last message is (II) AIGLX: Suspending AIGLX clients fro VT switch > > ... now the problem begins... > > - CTRL-C a few times > > - xinit is killed > > - you are in the login shell of the user who locked the screen ... arrgh > > > > Is there a security advice how to prevent killing the X session by switching > > the text console and killing xinit? > > starting X with "exec startx" prevents ^C from returning to the > shell Note that if you log out of the console, you give up ownership of /dev/drm so the pretty spinning gears won't be as pretty. you can use lock to lock a terminal.
Re: bypass xlock/slock
On 3/9/15, Tim van der Molen wrote: > > Another solution: startx & lock -np > This is the method I use, as well.
Re: bypass xlock/slock
Alexandre Ratchov (2015-03-09 11:30 +0100): > On Mon, Mar 09, 2015 at 10:25:28AM +0100, Alex Greif wrote: > > Hi, > > > > I am currently trying to find a solution to lock my desktop system (openbsd > > 5.6, amd64), but with the following steps I can always bypass xlock or > > slock: > > > > - run X session with startx > > - lock it with xlock or slock > > - switch to text console 2 (with [CTRL]+[ALT]+[F2]) > > - switch to text console 1, where X server seems to run in foreground. The > > last message is (II) AIGLX: Suspending AIGLX clients fro VT switch > > ... now the problem begins... > > - CTRL-C a few times > > - xinit is killed > > - you are in the login shell of the user who locked the screen ... arrgh > > > > Is there a security advice how to prevent killing the X session by switching > > the text console and killing xinit? > > starting X with "exec startx" prevents ^C from returning to the > shell Another solution: startx & lock -np
Re: bypass xlock/slock
On Mon, Mar 9, 2015 at 10:30 AM, Abel Abraham Camarillo Ojeda wrote: > On Mon, Mar 9, 2015 at 3:25 AM, Alex Greif wrote: >> Hi, >> >> I am currently trying to find a solution to lock my desktop system (openbsd >> 5.6, amd64), but with the following steps I can always bypass xlock or >> slock: >> >> - run X session with startx >> - lock it with xlock or slock >> - switch to text console 2 (with [CTRL]+[ALT]+[F2]) >> - switch to text console 1, where X server seems to run in foreground. The >> last message is (II) AIGLX: Suspending AIGLX clients fro VT switch >> ... now the problem begins... >> - CTRL-C a few times >> - xinit is killed >> - you are in the login shell of the user who locked the screen ... arrgh >> >> Is there a security advice how to prevent killing the X session by switching >> the text console and killing xinit? >> >> thanks, >> Alex >> > > you could run xdm(1)... > alias startx='exec /usr/X11R6/bin/startx'
Re: bypass xlock/slock
On Mon, 9 Mar 2015 03:30:44 -0600 Abel Abraham Camarillo Ojeda wrote: > On Mon, Mar 9, 2015 at 3:25 AM, Alex Greif wrote: > > Hi, > > > > I am currently trying to find a solution to lock my desktop system (openbsd > > 5.6, amd64), but with the following steps I can always bypass xlock or > > slock: > > > > - run X session with startx > > - lock it with xlock or slock > > - switch to text console 2 (with [CTRL]+[ALT]+[F2]) > > - switch to text console 1, where X server seems to run in foreground. The > > last message is (II) AIGLX: Suspending AIGLX clients fro VT switch > > ... now the problem begins... > > - CTRL-C a few times > > - xinit is killed > > - you are in the login shell of the user who locked the screen ... arrgh > > > > Is there a security advice how to prevent killing the X session by switching > > the text console and killing xinit? > > > > thanks, > > Alex > > > > you could run xdm(1)... > this is probably the best option, but if you really want to start x that way use tmux(1): $ tmux startx and then type 'control-b d' to detach, and log out.
Re: bypass xlock/slock
On Mon, Mar 09, 2015 at 10:25:28AM +0100, Alex Greif wrote: > Hi, > > I am currently trying to find a solution to lock my desktop system (openbsd > 5.6, amd64), but with the following steps I can always bypass xlock or > slock: > > - run X session with startx > - lock it with xlock or slock > - switch to text console 2 (with [CTRL]+[ALT]+[F2]) > - switch to text console 1, where X server seems to run in foreground. The > last message is (II) AIGLX: Suspending AIGLX clients fro VT switch > ... now the problem begins... > - CTRL-C a few times > - xinit is killed > - you are in the login shell of the user who locked the screen ... arrgh > > Is there a security advice how to prevent killing the X session by switching > the text console and killing xinit? starting X with "exec startx" prevents ^C from returning to the shell
Re: bypass xlock/slock
thanks for the tips/answers, I will use xdm in future Alex.
Re: bypass xlock/slock
On Mon, Mar 09, 2015 at 03:30:44AM -0600, Abel Abraham Camarillo Ojeda wrote: > On Mon, Mar 9, 2015 at 3:25 AM, Alex Greif wrote: > > Hi, > > > > I am currently trying to find a solution to lock my desktop system (openbsd > > 5.6, amd64), but with the following steps I can always bypass xlock or > > slock: > > > > - run X session with startx > > - lock it with xlock or slock > > - switch to text console 2 (with [CTRL]+[ALT]+[F2]) > > - switch to text console 1, where X server seems to run in foreground. The > > last message is (II) AIGLX: Suspending AIGLX clients fro VT switch > > ... now the problem begins... > > - CTRL-C a few times > > - xinit is killed > > - you are in the login shell of the user who locked the screen ... arrgh > > > > Is there a security advice how to prevent killing the X session by switching > > the text console and killing xinit? > > > > thanks, > > Alex > > > > you could run xdm(1)... xdm would start X as user _x11 which in turn makes impossible for programs to use shared memory to display images.
Re: bypass xlock/slock
On Mon, Mar 9, 2015 at 3:25 AM, Alex Greif wrote: > Hi, > > I am currently trying to find a solution to lock my desktop system (openbsd > 5.6, amd64), but with the following steps I can always bypass xlock or > slock: > > - run X session with startx > - lock it with xlock or slock > - switch to text console 2 (with [CTRL]+[ALT]+[F2]) > - switch to text console 1, where X server seems to run in foreground. The > last message is (II) AIGLX: Suspending AIGLX clients fro VT switch > ... now the problem begins... > - CTRL-C a few times > - xinit is killed > - you are in the login shell of the user who locked the screen ... arrgh > > Is there a security advice how to prevent killing the X session by switching > the text console and killing xinit? > > thanks, > Alex > you could run xdm(1)...
bypass xlock/slock
Hi, I am currently trying to find a solution to lock my desktop system (openbsd 5.6, amd64), but with the following steps I can always bypass xlock or slock: - run X session with startx - lock it with xlock or slock - switch to text console 2 (with [CTRL]+[ALT]+[F2]) - switch to text console 1, where X server seems to run in foreground. The last message is (II) AIGLX: Suspending AIGLX clients fro VT switch ... now the problem begins... - CTRL-C a few times - xinit is killed - you are in the login shell of the user who locked the screen ... arrgh Is there a security advice how to prevent killing the X session by switching the text console and killing xinit? thanks, Alex