Am I missing something or is this a HUGE security flaw?
If someone told me he could enter in my accout if I left my screen
locked I would say he's nuts, but that's exactly what I found out.
It is a simple combinated use of X and xlock when xdm isn't used.
How? Let's say someone simply locks his computer with xlock.
All you need to do is change to text virtual console 1 with
CTRL-ALT-F1 (or whatever console X was started in) and press
CTRL-C. That will kill X and give you the person's login.
Am I missing something?
--
Luiz Otavio L. Zorzella Product Engineer
zorzella@conexware.com http://www.conexware.com
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: