Matthew Miller wrote:
On Wed, Mar 02, 2005 at 04:23:37PM -0500, David Curry wrote:
back to init level 3. If the user's username and password are known to someone else, that someone else could easily kill the X session and log back in to X.org as the party who set the screenlock. In addition,
Errr, if they know the username and password, they could just unlock the screensaver, with no need to kill the session.
Twas dumb. Fingers working faster than the brain.
Screensaver -> Help - > Frequently Asked questions -> #22 points out that if the user is logged into a non-X console session, Ctl-Alt-F1 on the keyboard will switch the screen to that non-X console.
And again require a login. If you want to disable this (for a kiosk, say), set the DontVTSwitch option to true. (You can also set DontZap, to disable Ctrl-Alt-Backspace, if you want.)
Thanks for the info.
I haven't really explored either one of the things suggested by the faq, but it seems to me that screen lock has real weaknesses as an overnight security measure.
It might, but I don't see how it's the things you've listed.
