Lock Screen as root
Erik Hemdal
ehemdal at townisp.com
Sat May 27 09:25:47 UTC 2006
> While an X session is generated by a startx, a user can issue a
> Ctrl+Alt+Backspace to kill the X session, giving access to that
> account's cmd-line. This can also be done when the screen is locked. If
> the machine is running init 5 and it is the default X session, this only
> restarts the X session and doesn't give cmd-line access.
>
When I tried this as root, it hung the system, and X did not restart.
Graphical logins were unavailable (the screen was completely black) and
access to a virtual console required a new login.
>From a locked user session, X restarts and prompts again for username
and password. I gather that if root could lock the screen, he could
recover more easily.
> Although I prefer init 3, I have been running 5 to get around this. I
> might research the possibility of deactivating Ctrl+Alt+Backspace while
> having the screen locked. But still, a more savvy badguy/girl will know
> about either method of getting access. =(
Not really a worry. If a bad guy has physical access to your keyboard
and system box, you're in trouble anyway and nothing X can do will help
you. If I want to cause trouble, all I have to do is turn off the
power, or take out the hard drive.
>
> But for the use of root: Don't log in as root to a GUI, unless you are
> there using it. Log out when you are done. Better: use su or sudo in a
> user account using virtual terminals.
This isn't the point of my question. Is the misbehavior of the screensaver
a bug, an unintended side effect of something else, or done intentionally?
> Stephen Mirowski
More information about the users
mailing list