On 20.01.2012 02:08, Tavian Barnes wrote: > On 19 January 2012 18:23, Dmitry Korzhevin <dkorzhevin@xxxxxxxxxxxx> wrote: >> a funny bug in the Xorg server that could allow attackers with physical >> access to a machine to bypass the screensaver/screen locker program. >> Most people use those programs to lock their computer when they are >> away. On Gnome, gnome-screensaver is responsible for this. On KDE, >> kscreenlocker is. There is a wide variety of smaller tools doing the >> same thing, e.g. slock, slimlock, i3lock... >> >> Read more: >> http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up >> >> ctrl+atl+*(on num lock keyboard) confirmed and work in arch linux. > > IMO, it's not an X.Org or configuration bug, it's a bug in all the > screen lockers. > > http://seclists.org/oss-sec/2012/q1/217 > http://cgit.freedesktop.org/xorg/xserver/commit/?id=1a573e402ec112913a404f092b5b97d8d9210f94 http://cgit.freedesktop.org/xorg/xserver/commit/?id=22e64108ec63ba77779891f8df237913ef9ca731 -- Florian Pritz
Attachment:
signature.asc
Description: OpenPGP digital signature
