--5mCyUwZo2JvN/JJP Content-Type: text/plain; charset=us-ascii There's a possible security problem using auto idle logout programs and vt lockers. Try the following: get the pid of your shell, (sleep 10s ; kill -HUP <pid-of-your-shell) & vlock -a after vlock -a, you can't change the virtual console on a Linux terminal. But if you log in, start vlock -a, enter your password you can change vt... The same happens when an auto idle logout program logs you off. The vlock (maybe lockvt also) program doesn't terminate itself after a SIGHUP, which is ok, but after this, anyone can log in, start vlock -a, enters his/her password, and get full access to the console. Possible solutions: - don't use vlock/lockvt - don't use auto idle logout program - as root, never leave your terminal. log off. if you want to leave, use screen, detach it and log out. Regards, Slapic -- PGP 0x96A9B35D / 37 93 43 2A 81 5C B3 0D CD C4 94 F8 FA D4 AD C5 To get my key: mail slapicat_private -s "PGPKEY" < /dev/null --5mCyUwZo2JvN/JJP Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia iQCVAgUBNW6AAT1bHc+WqbNdAQFDkwP8Cv3YReOuUbLBsruWbnYK7FFEg+7ZLLKk I6hA8RnV27oUIH+/hrZwIbVOKV3X6IZQ3OcBdOnPeXQfasO0zZZLsyIB6RZvrC9E o71s4+56a4gBO5X+XsHLiDvviWU3yCCLC/MgjEsETBJQLspcqwXdF29q57w/qTqU 45AxKAaYS+0= =7U61 -----END PGP SIGNATURE----- --5mCyUwZo2JvN/JJP--
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:55:40 PDT