Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience

To: debian-user@lists.debian.org
Subject: Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
From: Vincent Lefevre <vincent@vinc17.net>
Date: Tue, 25 Mar 2014 14:03:15 +0100
Message-id: <[🔎] 20140325130315.GA26797@ypig.lip.ens-lyon.fr>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20140325100812.GG14465@sid.nuvreauspam>
References: <[🔎] CAOsGNSSDt+5w-tEAiJNkFNkL0TMcLF4LjUiOkkW+oXDFiei2pQ@mail.gmail.com> <[🔎] 20140321060351.GB14465@sid.nuvreauspam> <[🔎] 21291.64953.782916.83121@mail.eng.it> <[🔎] 20140321094638.GD14465@sid.nuvreauspam> <[🔎] 20140321103402.GA10490@darac.org.uk> <[🔎] 20140325100812.GG14465@sid.nuvreauspam>

On 2014-03-25 12:08:12 +0200, Andrei POPESCU wrote:
> Alt-SysRq-F is disabled on sid:
> mar 25 12:03:28 sid kernel: SysRq : This sysrq operation is disabled.

But what if someone logs in, uses all the memory left (possibly not
even in a malicious way) so that this triggers the OOM killer, and
the OOM killer chooses the screen saver as the application to kill?

The right thing is that the screen saver should protect itself
against the OOM killer.

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)

Reply to:

References:
- Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Zenaan Harkness <zen@freedbms.net>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: "Gian Uberto Lauri" <saint@eng.it>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Darac Marjal <mailinglist@darac.org.uk>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Andrei POPESCU <andreimpopescu@gmail.com>

Prev by Date: design package recommendation
Next by Date: kscreensaver and kerberos, strange behaviour
Previous by thread: Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
Next by thread: Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
Index(es):
- Date
- Thread