On Saturday 24 March 2012, Brett wrote:
> On Fri, 23 Mar 2012 22:30:40 -0400
>
> Nick Holland <n...@holland-consulting.net> wrote:
> > On 03/23/12 22:02, Brett wrote:
> > > On Sat, 24 Mar 2012 02:43:53 +0100
> > >
> > > Henning Brauer <lists-open...@bsws.de> wrote:
> > >> * Brett <brett.ma...@gmx.com> [2012-03-24 01:56]:
> > >> > > its normal behaviour. from xorg.conf(5):
> > >> > >
> > >> > > Option "DontZap" "boolean"
> > >> > > This disallows the use of the Terminate_Server XKB action
> > >> > > (usually on Ctrl+Alt+Backspace, depending on XKB options).
> > >> > > This action is normally used to terminate the Xorg server.
> > >> > > When this option is enabled, the action has no effect. Default:
> > >> > > off.
> > >> >
> > >> > Would it make sense for this to be the "secure by default" default?
> > >>
> > >> how exactly is preventing yourself from killing your own X server
> > >> increasing security again?
> > >
> > > By stopping anyone wandering by my desk (or the cat) from pressing a
> > > few buttons and getting into a console.
> >
> > IF you are logging in at the console, then starting X, yes. There are a
> > few ways to get back to the console.
> >
> > However, if you are relying on xlock to keep people off your system, you
> > will want to use DontZap or use xdm to start X, rather than logging in,
> > starting X and leaving a console running.
> >
> > Note that if you are leaving a console logged in then starting X, a
> > CTRL-ALT-F1 (through F4) may take you somewhere you aren't expecting to
> > be able to get, DontZap or no DontZap.
> >
> > Nick.
>
> Till now I falsely assumed that ctrl+alt+f1 behaved as ctrl+alt+{f2-f4},
> and went to a login: prompt. Sorry for the noise, DontZap on by default
> will not improve security. I always used startx, will try out xdm. And
> shutdown my computers more often!
Or:
$ startx & lock -np
--
"Reason is not automatic. Those who deny it cannot be conquered by it.
Do not count on them. Leave them alone." -- Ayn Rand
