Hi,
On Sonntag, 18. April 2010, Julien Cristau wrote:
> I don't think there's anything the screensavers can sensibly do there.
> So I'm going to close this bug.
564079 is the same bug but for kscreensaver, closing this one too.
> Version 2.6.32-9 of the Debian kernel includes a change by Bastian
Your message dated Sun, 18 Apr 2010 16:59:19 +0200
with message-id <20100418145919.ga9...@patate.is-a-geek.org>
and subject line Re: Bug#562884: xscreensaver can be killed with Alt+SysRq+F
has caused the Debian Bug report #562884,
regarding xscreensaver can be killed with Alt+SysRq+F
to be
Luca Niccoli wrote:
> What makes more sense to me would be to let root choose to disable the
> most security sensible SysRq keys.
Err, actually I meant to default disabling them.
Setting /proc/sys/kernel/sysrq to 448 would seem reasonable.
Cheers,
Luca
--
To UNSUBSCRIBE, email to debian-bug
Wouldn't a suid program specifically designed to exempt processes from
the OOM killer be a huge security bug? Every user would be able to
kill a machine by memory starvation.
What makes more sense to me would be to let root choose to disable the
most security sensible SysRq keys.
Cheers,
Luca
-
I think that generally disabling SysRq while xscreensaver is running is not a
good idea. It will prevent the use of other commands that might be useful if the
system is behaving troublesome.
I think that a setuid helper specifically for this task is the proper solution,
if it can be ensured that i
Sorry i meant "Why not".
On 31 January 2010 14:26, db wrote:
> Why use sysctl and kernel.sysrq to disable this ability ?
>
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Why use sysctl and kernel.sysrq to disable this ability ?
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Hi,
I wrote to Jamie about this and he frankly doesn't know how to fix
this without doing it as root. I found that with a binary helper with
SETUID may introduce a new security issue and honestly I don't have
the time right now to write the code to patch this bug.
I would like all the help that p
> when sysrq is enabled (and output a warning message).
>
> X screen savers don't run as root.
there could be a setuid helper binary only doing what Uli proposed in
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562884#34
> (I assume by 'sysrq' you mean the
> oom ki
On Thu, Jan 7, 2010 at 16:39:05 +0100, Holger Levsen wrote:
> IMO either the screensaver should disable sysrq while it's locked (and enable
> it after locking) or the screensaver shouldnt lock the screen, when sysrq is
> enabled (and output a warning message).
>
X screen savers don't run as ro
Hi,
just for the record, it IS possible to prevent a process from being killed by
the OOM-killer:
| 3.1 /proc//oom_adj - Adjust the oom-killer score
| --
|
| This file can be used to adjust the score used to select which processes
| should be k
clone 562884 -1
clone 562884 -2
reassign -1 gnome-screensaver
reassign -2 kscreensaver
thanks
Hi,
IMO either the screensaver should disable sysrq while it's locked (and enable
it after locking) or the screensaver shouldnt lock the screen, when sysrq is
enabled (and output a warning message).
Hi,
echo 447 > /proc/sys/kernel/sysrq
works as a hotfix by disabling sysrq+f on affected machines.
Note: Gnome screensaver is vulnerable as well.
--
Håvard Espeland
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listma
On 2009-12-29 05:07, Nico Golde wrote:
> Hi,
> * Lars Olav Dybsjord [2009-12-28 21:23]:
> > I'm a bit new to this bugreporting stuff. I have however discovered that it
> > is possible to kill xscreensaver with Alt+SysRq+F (if this function is not
> > disabled). This may comprimise security when xs
Hi,
* Lars Olav Dybsjord [2009-12-28 21:23]:
> I'm a bit new to this bugreporting stuff. I have however discovered that it
> is possible to kill xscreensaver with Alt+SysRq+F (if this function is not
> disabled). This may comprimise security when xscreensaver-command is used
> with the -lock optio
Package: xscreensaver
Version: 4.24-5
Severity: grave
Tags: security
Justification: user security hole
Hi,
I'm a bit new to this bugreporting stuff. I have however discovered that it
is possible to kill xscreensaver with Alt+SysRq+F (if this function is not
disabled). This may comprimise security
16 matches
Mail list logo
