On Tue, 5 Mar 2002, Adi Stav wrote:
> On Tue, Mar 05, 2002 at 08:04:19AM +0200, Shlomi Fish wrote:
> >
> > I always considered Run Level 5 as a very bad idea, which I'll never want
> > to use. However, I recently run into a dillema here at the Computer
> > Networks farm. If I start X from the console and lock it, then a malicious
> > user can switch to the console from which it was invoked, press Ctrl+C or
> > Ctrl+Z and gain my permissions.
> >
> > Naturally, there are ways to overcome it:
>
> Oh, just use "exec startx" instead of "startx", and the attacker will
> have no login shell left to attack.
>
> "startx >startx.log 2>&1 </dev/null & exit" if you don't want to leave
> startx on the tty either. That is sort of what xdm does, too.
>
> I love it when seemingly complicated problems can be solved with basic
> UNIX concepts :)
>
Adi, the problem with your (and Shachar's) suggestion is that it will
still cause my sound to disappear. And besides, run-level 5 was introduced
for a reason, and I guess I discovered part of what it is.
Regards,
Shlomi Fish
> =================================================================
> To unsubscribe, send mail to [EMAIL PROTECTED] with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail [EMAIL PROTECTED]
>
----------------------------------------------------------------------
Shlomi Fish [EMAIL PROTECTED]
Home Page: http://t2.technion.ac.il/~shlomif/
Home E-mail: [EMAIL PROTECTED]
"Let's suppose you have a table with 2^n cups..."
"Wait a second - is n a natural number?"
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
