Re: Bug#564079: Is this really a screensaver issue?
- To: Josselin Mouette <joss@debian.org>
- Cc: 564079@bugs.debian.org, Nico Golde <nion@debian.org>, Guido Günther <agx@sigxcpu.org>, Lars Olav Dybsjord <larsod@ping.uio.no>, Holger Levsen <holger@layer-acht.org>, debian-kernel@lists.debian.org
- Subject: Re: Bug#564079: Is this really a screensaver issue?
- From: Bastian Blank <waldi@debian.org>
- Date: Tue, 26 Jan 2010 16:15:20 +0100
- Message-id: <[🔎] 20100126151520.GA8278@wavehammer.waldi.eu.org>
- Mail-followup-to: Josselin Mouette <joss@debian.org>, 564079@bugs.debian.org, Nico Golde <nion@debian.org>, Guido Günther <agx@sigxcpu.org>, Lars Olav Dybsjord <larsod@ping.uio.no>, Holger Levsen <holger@layer-acht.org>, debian-kernel@lists.debian.org
- In-reply-to: <[🔎] 1264511713.9348.19.camel@meh>
- References: <20100123103716.GA14905@bogon.sigxcpu.org> <[🔎] 1264501316.9348.12.camel@meh> <[🔎] 20100126110012.GA5525@wavehammer.waldi.eu.org> <[🔎] 1264511713.9348.19.camel@meh>
On Tue, Jan 26, 2010 at 02:15:13PM +0100, Josselin Mouette wrote:
> Le mardi 26 janvier 2010 à 12:00 +0100, Bastian Blank a écrit :
> > The OOM killer can always be forced with normal processes as long as
> > over-commitment is enabled. So it is never save to add security measures
> > within processes that can be killed seperately.
> Do you also have any ideas of what screensavers should do to be secure
> wrt. the OOM killer and similar attack vectors?
Move the locking themself into the X server and export the controls as
extension. If the control process dies, the screen remains locked and
can only be unlocked by a authenticated X connection.
Bastian
--
Beam me up, Scotty! It ate my phaser!
Reply to: