Bug#564079: Is this really a screensaver issue?
Julien Cristau
jcristau at debian.org
Tue Jan 26 17:08:18 UTC 2010
On Tue, Jan 26, 2010 at 17:31:23 +0100, Josselin Mouette wrote:
> Le mardi 26 janvier 2010 à 16:19 +0100, Guido Günther a écrit :
> > > True, but this one is trivial to exploit and is also fairly easy to prevent so
> > > why stick with it?
> > I can only agree here. procps should at least get a:
> >
> > sys.kernel.sysrq = 0
>
> It’s only a workaround, and it’s a bit too much to disable all SysRq
> since other SysRq combinations are not a security threat. However we
> could ship this in the gnome-screensaver/xscreensaver packages if there
> is no other solution. This would make the obvious and immediate security
> issue go away.
Not really, because everyone will re-enable it anyway. Disabling sysrq
system-wise to avoid the X screensaver being killed is too big a hammer,
IMO.
Cheers,
Julien
More information about the pkg-gnome-maintainers
mailing list