Date: Thu, 10 Dec 1998 22:41:16 +0100 From: Mark Huizer <freebsd@xaa.iae.nl> To: Michael Borowiec <mikebo@Mcs.Net> Cc: questions@FreeBSD.ORG Subject: Re: Securing the FreeBSD console Message-ID: <19981210224116.A810@ariel.xaa.iae.nl> In-Reply-To: <199812091734.LAA05725@Mars.mcs.net>; from Michael Borowiec on Wed, Dec 09, 1998 at 11:34:00AM -0600 References: <199812091715.MAA32666@laker.net> <199812091734.LAA05725@Mars.mcs.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> First of all, in larger companies, development engineers are rarely > responsible for plant security - and the plant security people are not > responsible for computer security. So it falls to the UNIX admin... > It's still a problem, even though you think it's absurd. > > Of course, physical access is everything. That's fundamental... However, > xlock is SUPPOSED to provide a modicum of security. Otherwise it's just a > screen saver, and then what's the point of it requiring a password?! > > My point is simply this: If xlock will not provide the security that > reasonable people have come to expect, due to keyboard escapes in > underlying systems, those HOLES should be documented. Not a lot to ask... > You can't blame the X server for being started as a simple user program. I'd say this is the expected behaviour, and I'd like it that way. two ways to solve your problem: use 'exec startx' instead of 'startx' to start your server, so a controlC or controlZ will just drop you to the login prompt. or... run X from init (put it in /etc/ttys), so ppl have their login there, and not on a text prompt. All trouble solved. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981210224116.A810>