Page 3 of 3 FirstFirst 123
Results 21 to 25 of 25

Thread: An Easy But Serious Screensaver Security Problem In X.Org

  1. #21
    Join Date
    Oct 2009
    Posts
    59

    Default

    Hmm, I don't have a keypad on my keyboard (mini Apple Aluminum wired keyboard same layout as the bluetooth one now) so this doesn't seem to work. Also I'm still running xorg-server-1.10 here on my gentoo install due to some issues with the newer nvidia drivers, wine, and team fortress 2.

    How do I check to see if my XKB has the default debugging, without the effected xorg-server and without a keypad?

  2. #22
    Join Date
    Jul 2009
    Posts
    256

    Default

    Quote Originally Posted by cynyr View Post
    Hmm, I don't have a keypad on my keyboard (mini Apple Aluminum wired keyboard same layout as the bluetooth one now) so this doesn't seem to work. Also I'm still running xorg-server-1.10 here on my gentoo install due to some issues with the newer nvidia drivers, wine, and team fortress 2.

    How do I check to see if my XKB has the default debugging, without the effected xorg-server and without a keypad?
    Run 'xkbcomp -xkb :0 - | less' and look for a fragment like this:
    interpret XF86_Ungrab {
    action = Private(type=0x86, data=[stuff in hex]);
    };
    interpret XF86_ClearGrab {
    action = Private(type=0x86, data=[more stuff in hex]);
    };

  3. #23
    Join Date
    Sep 2008
    Posts
    201

    Default

    The X screen locker has always been a suboptimal hack.

    KDE 4.8 (to be released on 25th Jan) already ditches the X screen locker for one integrated with the compositor. This just goes to show what a good move that is.

  4. #24
    Join Date
    Nov 2009
    Posts
    379

    Default

    Quote Originally Posted by phoronix View Post
    Phoronix: An Easy But Serious Screensaver Security Problem In X.Org

    I've been alerted this afternoon that there's an outstanding security vulnerability within the current X.Org Server that's receiving little attention. This active vulnerability could allow anyone with physical access to your system to easily bypass the desktop's screen lock regardless of your desktop environment...

    http://www.phoronix.com/vr.php?view=MTA0NTA
    Even though Gentoo is listed, it was fixed the same day 19/01/12 in Portage for x86, amd64, hppa, arm: https://bugs.gentoo.org/399347

  5. #25
    Join Date
    Oct 2010
    Posts
    364

    Default

    There's been a blog post written about this by Peter Hutterer, for those interested.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •