Security Tidbit

["Scott K . Johnson" <seker@uswest.net>]

Hello All, 

I recently learned a little security tidbit that I found interesting,
and thought I'd pass it along.  

When I start my X session, I simply type "startx" at the prompt after
I've logged into the machine.  When I step away from my desk, or for
that matter go home for the night, I assumed that because I was running
a password "protected" screensaver, that I was somewhat protected.
(In most cases however, if an attacker has physical access your in
pretty big trouble anyhow...)

What happens if they walk up, and press <CTL><ALT><BKSP>??  Well, it
kills X, and dumps you right into your logged in "console" sessioni!!!

I wasn't very comfortable knowing it was _THAT_ easy...

One way to slow them down a bit is to disable that function in the
XF86Config file (I think it's the "DontZap" option?), but I still wanted
a way to get out of X should things get "funny"...

A co-worker of mine suggested that when she starts her X session, rather
than simply typing "startx", she does "exec startx".  When you
<CTL><ALT><BKSP> out of X when started that way, it will dump you to a
login prompt rather than your logged in console prompt.

Most of you veterans probably already knew this, but for the purpose of
general education I thought it was worth saying.

And yes, like I said, if the potential attacker has physical access to
your box, you're pretty much screwed in most cases.  But, the approach
above should help deter simple stuff...??

I like starting security discussions anyway, because I always
learn a lot from the resulting discussions.

Thoughts, comments, etc??  

Scott K. Johnson
seker@uswest.net