
Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience



On Fri 21 Mar 2014 at 12:37:57 -0400, Steve Litt of Troubleshooters.Com wrote:

> On Fri, 21 Mar 2014 11:06:03 +0000
> Robin <rc.rattusrattus@gmail.com> wrote:
> 
> > I may have missed something. If someone has physical access to your
> > machine can't they just power off and go into single user mode and
> > change the root password?
> 
> Unless you have a BIOS password or encrypted root partition (or
> encrypted partition where /etc resides), yes. The OP's point was that
> those things take 5 minutes, whereas killing X started by startx gives
> the guy a logged-in command prompt in about 5 seconds, especially if
> Ctrl+Alt+Backspace is enabled to instantly kill X.

I'm having difficulty seeing any inherent "insecurity" in startx (or in
sudo for that matter) and crediting the OP's two points with any
particular importance.  Firstly, a logged-in command prompt is there
without killing X and secondly you don't need to leave X to kill X.

Giving anyone free run of your account can lead to anything happening
unless you take steps to avoid it.

