FS#28008 - Bypass screensaver/locker program on xorg 1.11 and up

Attached to Project: Arch Linux
Opened by Dmitry Korzhevin (dkorzhevin) - Thursday, 19 January 2012, 23:21 GMT
Last edited by Ionut Biru (wonder) - Thursday, 19 January 2012, 23:24 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To No-one
Architecture All
Severity Critical
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

a funny bug in the Xorg server that could allow attackers with physical access to a machine to bypass the screensaver/screen locker program. Most people use those programs to lock their computer when they are away. On Gnome, gnome-screensaver is responsible for this. On KDE, kscreenlocker is. There is a wide variety of smaller tools doing the same thing, e.g. slock, slimlock, i3lock...

Read more: http://gu1.aeroxteam.fr/2012/01/19/bypass-screensaver-locker-program-xorg-111-and-up

ctrl+atl+*(on num lock keyboard) confirmed and work in arch linux.
This task depends upon

Closed by  Ionut Biru (wonder)
Thursday, 19 January 2012, 23:24 GMT
Reason for closing:  Duplicate
Additional comments about closing:   FS#27993 

Loading...