Hi! > Sorry if somebody has noticed this before or is only a stupid remark, but > a few days ago I found that you can kill vlock (and similar programs that > lock all linux consoles) with the alt+sysrq+k key combination on LiNUX 2.2.X > and 2.3.X (if you enabled magic keys when you compiled the kernel) so > someone could bypass the console locking and althought he cannot access the > session where vlock was ejecuted (because it has been killed), he can access > the other posibly opened sessions on other consoles. So, if you have enabled > the magic keys, using "vlock -a" is not secure!. Magic SysRq is in "kernel hacking" section. If you enable it, and you are not kernel hacker, you loose. (If you are kernel hacker, you certainly don't want mere mortals access your console, do you? Read help entry: CONFIG_MAGIC_SYSRQ If you say Y here, you will have some control over the system even if the system crashes for example during kernel debugging (e.g., you will be able to flush the buffer cache to disk, reboot the system immediately or dump some status information). This is accomplished by pressing various keys while holding SysRq (Alt+PrintScreen). The keys are documented in Documentation/sysrq.txt. Don't say Y unless !!!!!!!!!!!!!!!!!! you really know what this hack does. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! If you did not realize it allows people to bypass vlock -a, you did not know what it does, and you should not have enabled it :-). There are even more nasty things you can do with magic sysrq: remounting harddrives readonly causing syslogd to die is probably most funny, killing Xserver can also be funny... Pavel -- I'm really pavelat_private Look at http://195.113.31.123/~pavel. Pavel Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:55:47 PDT