Bug#564079: Is this really a screensaver issue?
Bastian Blank
waldi at debian.org
Tue Jan 26 17:00:28 UTC 2010
On Tue, Jan 26, 2010 at 05:31:23PM +0100, Josselin Mouette wrote:
> Le mardi 26 janvier 2010 à 16:19 +0100, Guido Günther a écrit :
> > I can only agree here. procps should at least get a:
> > sys.kernel.sysrq = 0
> It’s only a workaround, and it’s a bit too much to disable all SysRq
> since other SysRq combinations are not a security threat.
I would accept a default mask that disables SIGNAL and DUMP sysrq
requests. The SIGNAL labeled allows to kill processes in various ways,
the DUMP labeled ones allows display of various process and systems
states that may provide access to private userspace data.
Affected sysrq requests:
* SIGNAL: Terminate All Tasks, Manual OOM execution, Emergency Thaw of
all frozen filesystems, Kill All Tasks
* DUMP: Trigger a crash, Show backtrace of all active CPUs, Show Regs,
Show State, Show Blocked State, Dump ftrace buffer, Show Memory
> However we
> could ship this in the gnome-screensaver/xscreensaver packages if there
> is no other solution.
Please don't try this, this is a decision of the kernel have to make.
Bastian
--
Vulcans never bluff.
-- Spock, "The Doomsday Machine", stardate 4202.1
More information about the pkg-gnome-maintainers
mailing list