Announcement

Collapse
No announcement yet.

An Easy But Serious Screensaver Security Problem In X.Org

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • allquixotic
    replied
    RHEL 6.x is running X.Org Server 1.10.4, so fortunately it isn't vulnerable. RHEL is one of the most likely Linux desktop OSes to be deployed in a public area such as a computer lab at a university, where you really wouldn't want someone to be able to do this.

    That said, I'm sure there is some public computer somewhere in the world where physical access of untrusted users is common/accepted, running X.Org 1.11 or later. Now people know to check before they trust the "lock screen" feature. Good find, Michael (even though you didn't originally find the issue, good job reporting it anyway).

    Leave a comment:


  • gururise
    replied
    Not cool for multi-user systems!

    Leave a comment:


  • johnc
    replied
    definitely a show-stopper

    Leave a comment:


  • guzz46
    replied
    Hang on, so unless I'm missing something all you have to do is press CTRL+ALT+Keypad-Multiply? I assume Keypad-Multiply is the button directly above the number 9 on my keypad? well I just tried those three button combinations and it did nothing, I'm running Linux Mint Debian Edition.

    Leave a comment:


  • gururise
    replied
    Holy Crap!! I just tried this in ArchLinux with all the latest packages and it too is affected by this.

    Leave a comment:

Working...
X