Screenlock backdoors and how to close them The 2019 Stack Overflow Developer Survey Results Are In Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) 2019 Community Moderator Election ResultsHow can I lock my screen in Gnome 3 without GDM?Myth or reality: SELinux can confine the root user?How to show time away from computer?How to get Kali Linux to not go to sleep?How to configure XFCE (or X itself or whatever) to run a custom command when the user has been idle for some time?Keyboard doesn't work in X11 after resuming from sleep/suspendHow to display a video on my lock-screen instead of a wallpaper?How to determine if screensaver is active on another sessionScreen turns off after 10 minutes and I can't find out whyHow to unlock Gnome3 screen from command line?

Example of compact Riemannian manifold with only one geodesic.

First use of “packing” as in carrying a gun

How do spell lists change if the party levels up without taking a long rest?

Can the DM override racial traits?

Would an alien lifeform be able to achieve space travel if lacking in vision?

Does Parliament hold absolute power in the UK?

Single author papers against my advisor's will?

Variable with quotation marks "$()"

Can a flute soloist sit?

Student Loan from years ago pops up and is taking my salary

Python - Fishing Simulator

Why are PDP-7-style microprogrammed instructions out of vogue?

Did the UK government pay "millions and millions of dollars" to try to snag Julian Assange?

Didn't get enough time to take a Coding Test - what to do now?

My body leaves; my core can stay

Do warforged have souls?

What do I do when my TA workload is more than expected?

Why don't hard Brexiteers insist on a hard border to prevent illegal immigration after Brexit?

Why not take a picture of a closer black hole?

What's the point in a preamp?

Do I have Disadvantage attacking with an off-hand weapon?

Is it ok to offer lower paid work as a trial period before negotiating for a full-time job?

How to politely respond to generic emails requesting a PhD/job in my lab? Without wasting too much time

Keeping a retro style to sci-fi spaceships?



Screenlock backdoors and how to close them



The 2019 Stack Overflow Developer Survey Results Are In
Announcing the arrival of Valued Associate #679: Cesar Manara
Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern)
2019 Community Moderator Election ResultsHow can I lock my screen in Gnome 3 without GDM?Myth or reality: SELinux can confine the root user?How to show time away from computer?How to get Kali Linux to not go to sleep?How to configure XFCE (or X itself or whatever) to run a custom command when the user has been idle for some time?Keyboard doesn't work in X11 after resuming from sleep/suspendHow to display a video on my lock-screen instead of a wallpaper?How to determine if screensaver is active on another sessionScreen turns off after 10 minutes and I can't find out whyHow to unlock Gnome3 screen from command line?



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








0















There is a warning in the Archlinux List of security applications. It says that of all possible screen-lockers, only four block tty access: sflock, physlock, Cinnamon Screensaver, MATE Screensaver and GNOME Screensaver.



The XScreenSaver FAQ, meanwhile, lists four backdoors by which someone can gain access to your system when your screen is locked:



  • Ctrl-Alt-Backspace (kill X server, perhaps raise text console)

  • Ctrl-Alt-F1 (F2, ..., etc)(open a virtual console)

  • Alt-SysRq-F (randomly kill a long-running process)

  • Ctrl-Alt-KP_Multiply (kill any X11 app that holds a lock)

The Xscreensaver FAQ gives ways to disable the backdoors.



But are there others? And do those screen-lockers that Archlinux implies are actually block all those backdoors listed in the xscreensaver faq, and whatever other ones there might be?



And if you block all the backdoors in the way suggested in the xscreensaver faq, will your system then be secure enough for you to leave it after locking the screen, suspending the system and closing the lid?



A word from xscreensaver author Jamie Zawinski:




Shouldn't xscreensaver disable Ctrl-Alt-Backspace while the screen is locked?



Yes, it should. Unfortunately, that's not possible with current versions of XFree86 or XOrg. It's as if the developers of X11 and the Linux kernel want to make it as hard as possible for you to lock your screen.



...



There's little that I can do to make the screen locker secure so long
as the kernel and X11 developers are actively working against
security. The strength of the lock on your front door doesn't matter
much so long as someone else in the house insists on leaving a key
under the welcome mat.



In an ideal world, there would be a single X11 request named something like XGrabMagicKeys() that would, analagously to
XGrabKeyboard(), disable all of these magic keystrokes until the
grab was released or the program exited. It should be an X11 call, not
an ioctl(), and especially not a root-only ioctl(). Needless to
say, no such interface exists.







security xorg screen-lock screensaver backdoor







share|improve this question






























    0















    There is a warning in the Archlinux List of security applications. It says that of all possible screen-lockers, only four block tty access: sflock, physlock, Cinnamon Screensaver, MATE Screensaver and GNOME Screensaver.



    The XScreenSaver FAQ, meanwhile, lists four backdoors by which someone can gain access to your system when your screen is locked:



    • Ctrl-Alt-Backspace (kill X server, perhaps raise text console)

    • Ctrl-Alt-F1 (F2, ..., etc)(open a virtual console)

    • Alt-SysRq-F (randomly kill a long-running process)

    • Ctrl-Alt-KP_Multiply (kill any X11 app that holds a lock)

    The Xscreensaver FAQ gives ways to disable the backdoors.



    But are there others? And do those screen-lockers that Archlinux implies are actually block all those backdoors listed in the xscreensaver faq, and whatever other ones there might be?



    And if you block all the backdoors in the way suggested in the xscreensaver faq, will your system then be secure enough for you to leave it after locking the screen, suspending the system and closing the lid?



    A word from xscreensaver author Jamie Zawinski:




    Shouldn't xscreensaver disable Ctrl-Alt-Backspace while the screen is locked?



    Yes, it should. Unfortunately, that's not possible with current versions of XFree86 or XOrg. It's as if the developers of X11 and the Linux kernel want to make it as hard as possible for you to lock your screen.



    ...



    There's little that I can do to make the screen locker secure so long
    as the kernel and X11 developers are actively working against
    security. The strength of the lock on your front door doesn't matter
    much so long as someone else in the house insists on leaving a key
    under the welcome mat.



    In an ideal world, there would be a single X11 request named something like XGrabMagicKeys() that would, analagously to
    XGrabKeyboard(), disable all of these magic keystrokes until the
    grab was released or the program exited. It should be an X11 call, not
    an ioctl(), and especially not a root-only ioctl(). Needless to
    say, no such interface exists.







    security xorg screen-lock screensaver backdoor







    share|improve this question


























      0












      0








      0








      There is a warning in the Archlinux List of security applications. It says that of all possible screen-lockers, only four block tty access: sflock, physlock, Cinnamon Screensaver, MATE Screensaver and GNOME Screensaver.



      The XScreenSaver FAQ, meanwhile, lists four backdoors by which someone can gain access to your system when your screen is locked:



      • Ctrl-Alt-Backspace (kill X server, perhaps raise text console)

      • Ctrl-Alt-F1 (F2, ..., etc)(open a virtual console)

      • Alt-SysRq-F (randomly kill a long-running process)

      • Ctrl-Alt-KP_Multiply (kill any X11 app that holds a lock)

      The Xscreensaver FAQ gives ways to disable the backdoors.



      But are there others? And do those screen-lockers that Archlinux implies are actually block all those backdoors listed in the xscreensaver faq, and whatever other ones there might be?



      And if you block all the backdoors in the way suggested in the xscreensaver faq, will your system then be secure enough for you to leave it after locking the screen, suspending the system and closing the lid?



      A word from xscreensaver author Jamie Zawinski:




      Shouldn't xscreensaver disable Ctrl-Alt-Backspace while the screen is locked?



      Yes, it should. Unfortunately, that's not possible with current versions of XFree86 or XOrg. It's as if the developers of X11 and the Linux kernel want to make it as hard as possible for you to lock your screen.



      ...



      There's little that I can do to make the screen locker secure so long
      as the kernel and X11 developers are actively working against
      security. The strength of the lock on your front door doesn't matter
      much so long as someone else in the house insists on leaving a key
      under the welcome mat.



      In an ideal world, there would be a single X11 request named something like XGrabMagicKeys() that would, analagously to
      XGrabKeyboard(), disable all of these magic keystrokes until the
      grab was released or the program exited. It should be an X11 call, not
      an ioctl(), and especially not a root-only ioctl(). Needless to
      say, no such interface exists.







      security xorg screen-lock screensaver backdoor







      share|improve this question
















      There is a warning in the Archlinux List of security applications. It says that of all possible screen-lockers, only four block tty access: sflock, physlock, Cinnamon Screensaver, MATE Screensaver and GNOME Screensaver.



      The XScreenSaver FAQ, meanwhile, lists four backdoors by which someone can gain access to your system when your screen is locked:



      • Ctrl-Alt-Backspace (kill X server, perhaps raise text console)

      • Ctrl-Alt-F1 (F2, ..., etc)(open a virtual console)

      • Alt-SysRq-F (randomly kill a long-running process)

      • Ctrl-Alt-KP_Multiply (kill any X11 app that holds a lock)

      The Xscreensaver FAQ gives ways to disable the backdoors.



      But are there others? And do those screen-lockers that Archlinux implies are actually block all those backdoors listed in the xscreensaver faq, and whatever other ones there might be?



      And if you block all the backdoors in the way suggested in the xscreensaver faq, will your system then be secure enough for you to leave it after locking the screen, suspending the system and closing the lid?



      A word from xscreensaver author Jamie Zawinski:




      Shouldn't xscreensaver disable Ctrl-Alt-Backspace while the screen is locked?



      Yes, it should. Unfortunately, that's not possible with current versions of XFree86 or XOrg. It's as if the developers of X11 and the Linux kernel want to make it as hard as possible for you to lock your screen.



      ...



      There's little that I can do to make the screen locker secure so long
      as the kernel and X11 developers are actively working against
      security. The strength of the lock on your front door doesn't matter
      much so long as someone else in the house insists on leaving a key
      under the welcome mat.



      In an ideal world, there would be a single X11 request named something like XGrabMagicKeys() that would, analagously to
      XGrabKeyboard(), disable all of these magic keystrokes until the
      grab was released or the program exited. It should be an X11 call, not
      an ioctl(), and especially not a root-only ioctl(). Needless to
      say, no such interface exists.







      security xorg screen-lock screensaver backdoor




      security xorg screen-lock screensaver backdoor






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Apr 9 at 10:50







      markling

















      asked Apr 9 at 10:43









      marklingmarkling

      657




      657




















          0






          active

          oldest

          votes












          Your Answer








          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: false,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          imageUploader:
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          ,
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













          draft saved

          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f511428%2fscreenlock-backdoors-and-how-to-close-them%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes















          draft saved

          draft discarded
















































          Thanks for contributing an answer to Unix & Linux Stack Exchange!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid


          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.

          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f511428%2fscreenlock-backdoors-and-how-to-close-them%23new-answer', 'question_page');

          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          getting Checkpoint VPN SSL Network Extender working in the command lineHow to connect to CheckPoint VPN on Ubuntu 18.04LTS?Will the Linux ( red-hat ) Open VPNC Client connect to checkpoint or nortel VPN gateways?VPN client for linux machine + support checkpoint gatewayVPN SSL Network Extender in FirefoxLinux Checkpoint SNX tool configuration issuesCheck Point - Connect under Linux - snx + OTPSNX VPN Ububuntu 18.XXUsing Checkpoint VPN SSL Network Extender CLI with certificateVPN with network manager (nm-applet) is not workingWill the Linux ( red-hat ) Open VPNC Client connect to checkpoint or nortel VPN gateways?VPN client for linux machine + support checkpoint gatewayImport VPN config files to NetworkManager from command lineTrouble connecting to VPN using network-manager, while command line worksStart a VPN connection with PPTP protocol on command linestarting a docker service daemon breaks the vpn networkCan't connect to vpn with Network-managerVPN SSL Network Extender in FirefoxUsing Checkpoint VPN SSL Network Extender CLI with certificate

          Image
          If human space travel is limited by the G force vulnerability, is there a way to counter G forces? Did Shadowfax go to Valinor? Do I have a twin with permutated remainders? Blender 2.8 I can't see vertices, edges or faces in edit mode 1960's book about a plague that kills all white people How can I make my BBEG immortal short of making them a Lich or Vampire? Alternative to sending password over mail? Is it inappropriate for a student to attend their mentor's dissertation defense? Why is Collection not simply treated as Collection<?> Took a trip to a parallel universe, need help deciphering Assassin's bullet with mercury Why is it a bad idea to hire a hitman to eliminate most corrupt politicians? I Accidentally Deleted a Stock Terminal Theme Is there a hemisphere-neutral way of specifying a season? What about the virus in 12 Monkeys? Why can't we play rap on piano? Arrow those variables! Today is the Center Modeling an IP Ad...
          Read more

          Cannot Extend partition with GParted The 2019 Stack Overflow Developer Survey Results Are In Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) 2019 Community Moderator Election ResultsCan't increase partition size with GParted?GParted doesn't recognize the unallocated space after my current partitionWhat is the best way to add unallocated space located before to Ubuntu 12.04 partition with GParted live?I can't figure out how to extend my Arch home partition into free spaceGparted Linux Mint 18.1 issueTrying to extend but swap partition is showing as Unknown in Gparted, shows proper from fdiskRearrange partitions in gparted to extend a partitionUnable to extend partition even though unallocated space is next to it using GPartedAllocate free space to root partitiongparted: how to merge unallocated space with a partition

          Image
          Make it rain characters Keeping a retro style to sci-fi spaceships? How to split my screen on my Macbook Air? How can I define good in a religion that claims no moral authority? does high air pressure throw off wheel balance? Scientific Reports - Significant Figures Relations between two reciprocal partial derivatives? How to delete random line from file using Unix command? How did passengers keep warm on sail ships? How are presidential pardons supposed to be used? Are my PIs rude or am I just being too sensitive? He got a vote 80% that of Emmanuel Macron’s Change bounding box of math glyphs in LuaTeX Match Roman Numerals Was credit for the black hole image misattributed? How to pronounce 1ターン? how can a perfect fourth interval be considered either consonant or dissonant? Working through the single responsibility principle (SRP) in Python when calls are expensive High Q peak in frequency response means what in time domain? ...
          Read more

          Marilyn Monroe Ny fiainany manokana | Jereo koa | Meny fitetezanafanitarana azy.

          Image
          OlonaBiôgrafiaVangovangoMpilalaoMpilalao amin'ny horonantsaryMpamoaka horonantsaryTeraka tamin'ny taona 1926Maty tamin'ny taona 1962 EtazoniaLos Angeles fanitarana azy . Marilyn Monroe Avy amin'i Wikipedia Sauter à la navigation Sauter à la recherche Marilyn Monroe Ankapobeny Anarana Marilyn Monroe Teraka 1 Jiona 1926 Maty 5 Aogositra 1962 Fiaviana sy ny andraikitra Firenena Etazonia Asa : mpilalao mpilalao amin'ny horonantsary mpamoaka horonantsary Fiainana manokana Marilyn Monroe dia mpilalao, mpilalao amin'ny horonantsary, mpamoaka horonantsary mizaka ny zom-pirenen'i Etazonia teraka ny 1 Jiona 1926 tao Los Angeles ary maty ny 5 Aogositra 1962 Ny fiainany manokana | Ny vadiny dia James Dougherty, Joe DiMaggio, Arthur Miller. Jereo koa | Biôgrafia Rohy ivelany | Ao amin'i Freebase: [1] Mbola ambangovangony ity lahatsoratra ity ary tokony hofenoina . Azonao atao ny mandray anjara eto amin'ny Wikipedia amin...
          Read more