[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Major Surprise with xdm on 3.7
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: Major Surprise with xdm on 3.7
- From: hellsop_(_at_)_ninehells_(_dot_)_com
- Date: Mon, 15 Aug 2005 18:44:48 -0500
- Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
- Reply-to: hellsop_(_at_)_ninehells_(_dot_)_com
On Fri, Aug 12, 2005 at 05:39:37AM -0500, Dave Feustel wrote:
> On Thursday 11 August 2005 19:35, Justin Reigle wrote:
> > > I now think that there is a security advantage to using xdm to bring up
> > > KDE - namely, that there is no unprotected console session which can be
> > > hijacked by someone sitting down at the computer, finding the session
> > > from which KDE was started, and putting startkde in the background.
> > >
> > Well, what happens when they reboot the box, go in with boot -s,
> > get the root shell and cause havoc?
> The computer requires a password to reboot.
Clever. A password-protected power switch...
> > If you're that concerned about people
> > sitting down in front of your machine to cause problems, then protect it
> > with something physical (e.g. caged rack with lock).
> Actually I'm not particularly concerned about this right now.
What problem are you wanting to solve then?
73. I will not agree to let the heroes go free if they win a rigged contest,
even though my advisors assure me it is impossible for them to win.
--Peter Anspach's list of things to do as an Evil Overlord