Hi!
> Sorry if somebody has noticed this before or is only a stupid remark, but
> a few days ago I found that you can kill vlock (and similar programs that
> lock all linux consoles) with the alt+sysrq+k key combination on LiNUX 2.2.X
> and 2.3.X (if you enabled magic keys when you compiled the kernel) so
> someone could bypass the console locking and althought he cannot access the
> session where vlock was ejecuted (because it has been killed), he can access
> the other posibly opened sessions on other consoles. So, if you have enabled
> the magic keys, using "vlock -a" is not secure!.
Magic SysRq is in "kernel hacking" section. If you enable it, and you
are not kernel hacker, you loose. (If you are kernel hacker, you
certainly don't want mere mortals access your console, do you?
Read help entry:
CONFIG_MAGIC_SYSRQ
If you say Y here, you will have some control over the system even
if the system crashes for example during kernel debugging (e.g., you
will be able to flush the buffer cache to disk, reboot the system
immediately or dump some status information). This is accomplished
by pressing various keys while holding SysRq (Alt+PrintScreen). The
keys are documented in Documentation/sysrq.txt. Don't say Y unless
!!!!!!!!!!!!!!!!!!
you really know what this hack does.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
If you did not realize it allows people to bypass vlock -a, you did
not know what it does, and you should not have enabled it :-).
There are even more nasty things you can do with magic sysrq:
remounting harddrives readonly causing syslogd to die is probably most
funny, killing Xserver can also be funny...
Pavel
--
I'm really pavelat_private Look at http://195.113.31.123/~pavel. Pavel
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:55:47 PDT