From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003 Description of problem: Locking the screen with xscreensaver is unsafe, because anybody can hit ctrl-alt-backspace, killing the X server and falling right into my account's shell prompt. Version-Release number of selected component (if applicable): xscreensaver-4.05-6 How reproducible: Always Steps to Reproduce: 1. login (in text mode) 2. startx 3. lock the screen 4. press ctrl-alt-backspace Actual Results: The X server will die, and you will be back to your shell prompt. Expected Results: xscreensaver should ignore ctrl-alt-backspace. Additional info:
*** This bug has been marked as a duplicate of 26933 ***
There is a simple solution to the problem. Just add this to /etc/X11/XF86Config: Section "ServerFlags" Option "DontZap" "true" EndSection
Is it impossible to set the system up in init 5 so that killing an X session will just spawn another X session? I think wtcorrea.edu's solution is a viable one for those who simply want to start in init 3, and probably should be added to the documentation if it is not already there (or possibly the X configuration application).
The solution I suggested doesn't really solve the problem. A malicious person can still press ctrl-alt-F1 to get to the console where I typed startx, and then hit ctrl-C, killing the X server and getting access to my shell prompt.
That would be a configuration issue, not a screensaver issue.
wtcorrea, I agree that your original suggestion doesn't really solve the problem. In fact, I would argue that the X screensaver isn't really a viable way to secure your system. I would suggest one of two things: 1) As Mr. Yohe points out, you can make sure that the machine boots into runlevel 5. That way, if they ctrl-alt-backspace, it just restarts X and returns to the login screen (gdm). If they hit alt-F1, it takes them to the console login screen. 2) If you must boot the machine in runlevel 3, then make sure to close X and log out of the machine when you are not at the machine. I don't think there's much else from a configuration standpoint I can do to help. Besides, if other people have physical access to your machine then you are already in trouble. All it takes is someone to press the reset button and boot into single user mode. Then they can do anything they want to. Resolving as 'notabug'