[hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread FRIGN
Hello fellow hackers, the question has been floating around for quite some time on the internet, but I think it is a good place to answer it in the manual of our screen locker. Is slock really secure and if not, how can I harden it so that nobody can access my machine? There are two ways one can

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread Klemens Nanni
On Wed, Sep 28, 2016 at 09:48:25PM +0200, FRIGN wrote: Setting `DontVTSwitch' in xorg.conf(5) disables this feature completely whereas chjj's fork (which mine is based on) blocks it in slock only, which is imho a much saner approach since there are many legitimate reasons to use multiple virtual

[hackers] [slock] Add a section on security considerations || FRIGN

2016-09-28 Thread git
commit bd069b08c5fe4fea3c78f6991a849b19ed40cbe0 Author: FRIGN AuthorDate: Wed Sep 28 20:20:51 2016 +0200 Commit: Markus Teich CommitDate: Wed Sep 28 22:01:58 2016 +0200 Add a section on security considerations The section on

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread FRIGN
On Wed, 28 Sep 2016 22:04:05 +0200 Klemens Nanni wrote: Hey Klemens, > It's implicitly blocked by capturing the keys being pressed and > executing optional steps such as shutting down upon input. what if somebody remaps this functionality? This is possible with Xkb sadly. >

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread FRIGN
On Wed, 28 Sep 2016 21:17:23 +0200 Markus Teich wrote: Hey Markus, > I don't think it is that obvious. Have a look at the discussion > starting from the slock-1.3 announcement on February 12th this year > again. Since the example does not work any more, changing it

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread Markus Teich
FRIGN wrote: > > I don't think it is that obvious. Have a look at the discussion starting > > from the slock-1.3 announcement on February 12th this year again. Since the > > example does not work any more, changing it to `slock sudo s2ram` and adding > > a note about the needed line in the sudo

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread Klemens Nanni
On Wed, Sep 28, 2016 at 09:09:24PM +0200, FRIGN wrote: I know this fork, and with the changes presented in this patch, slock is just as secure as his version. The difference is that he for instance implemented ways to upload webcam images to imgur, send SMS's and auto-shutdown when the user

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread Ali H. Fardan
I suggest you take a look at this: https://notabug.org/kl3/slock it used to be called "slock for the absolute paranoid", but this dude wanted to go further with it and make it fit his taste, but there is some security stuff he did there, check it out. -- Raiz On 2016-09-28 21:33, FRIGN

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread Ali H. Fardan
PS: I think this is where the code originated: https://github.com/chjj/slock

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread Markus Teich
FRIGN wrote: > What you do is call > system("doas setxkbmap -option &"); > which disables Ctrl+Alt+Backspace for the entire session. So you can > only kill your X server until you have locked your screen once. It > won't work afterwards, which sucks and is unpredictable. Heyho, as an

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread FRIGN
On Wed, 28 Sep 2016 21:41:36 +0200 Klemens Nanni wrote: Hey Klemens, > I removed media upload and SMS support since those features can easily > be added using a small wrapper script. I don't see the gain anyway with that but to each his own. If somebody tried to access my

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread Markus Teich
FRIGN wrote: > The given example does not work and the usage is so obvious that an example > probably is not necessary here anyway. Heyho, I don't think it is that obvious. Have a look at the discussion starting from the slock-1.3 announcement on February 12th this year again. Since the example

Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations

2016-09-28 Thread Markus Teich
Klemens Nanni wrote: > Setting `DontVTSwitch' in xorg.conf(5) disables this feature completely > whereas chjj's fork (which mine is based on) blocks it in slock only, which is > imho a much saner approach since there are many legitimate reasons to use > multiple virtual terminals. > > Same story

[hackers] [scc] [cc1] Fix size/offset calculation for structs || Roberto E. Vargas Caballero

2016-09-28 Thread git
commit 9761a80a98bd2f59d922f83862f4faa7a4389861 Author: Roberto E. Vargas Caballero AuthorDate: Wed Sep 28 12:28:00 2016 +0200 Commit: Roberto E. Vargas Caballero CommitDate: Wed Sep 28 12:28:00 2016 +0200 [cc1] Fix size/offset calculation for

[hackers] [scc] [cc1] Simplify expression in types.c || Roberto E. Vargas Caballero

2016-09-28 Thread git
commit bea83b8b7641be12d18d3f69f658261459de7fc4 Author: Roberto E. Vargas Caballero AuthorDate: Wed Sep 28 12:34:53 2016 +0200 Commit: Roberto E. Vargas Caballero CommitDate: Wed Sep 28 12:34:53 2016 +0200 [cc1] Simplify expression in types.c diff

[hackers] [scc] [cc2-qbe] Jump at the end in switches || Roberto E. Vargas Caballero

2016-09-28 Thread git
commit 95ac9724aaa7e8aecbfc0b354ab30a096c08ebbd Author: Roberto E. Vargas Caballero AuthorDate: Wed Sep 28 11:49:57 2016 +0200 Commit: Roberto E. Vargas Caballero CommitDate: Wed Sep 28 11:49:57 2016 +0200 [cc2-qbe] Jump at the end in switches

[hackers] [scc] [tests] Add a list of tests for scc || Roberto E. Vargas Caballero

2016-09-28 Thread git
commit fb1c921d30051447b2de4fb500de943e270756fe Author: Roberto E. Vargas Caballero AuthorDate: Wed Sep 28 11:56:19 2016 +0200 Commit: Roberto E. Vargas Caballero CommitDate: Wed Sep 28 11:56:19 2016 +0200 [tests] Add a list of tests for scc

[hackers] [scc] [cc1] Fix redeclaration of tags || Roberto E. Vargas Caballero

2016-09-28 Thread git
commit 44123dfb36d1c0ba6b428d89a870679f4f7ff86e Author: Roberto E. Vargas Caballero AuthorDate: Wed Sep 28 11:32:54 2016 +0200 Commit: Roberto E. Vargas Caballero CommitDate: Wed Sep 28 11:32:54 2016 +0200 [cc1] Fix redeclaration of tags A