Erik Hemdal wrote:
Erik Hemdal wrote:
On the gnome-list, a posting noted that one can bypass the
screensaver
anyway with CTRL-ALT-F1, so logging in as root is dangerous. But I
tried this, and while I can bypass the screensaver, I still
must log in
to my virtual terminals. So no loss of security.
If root did a graphical login, you're right.
But if root has started the X session with "startx" in one of
the virtual
terminal, you can go to that virtual terminal, do a Ctrl-C (killing X)
and get a root shell.
Thank you Roberto, I was beginning to think that maybe I had grown an extra
head or something that made others not want to answer the question. Or
maybe this is another bit of GNOME design wisdom that is just
incomprehensible to me and obvious to everyone else. I appreciate that you
took the time to try to explain a dangerous case.
I tried your idea and you're right, of course. Launching X via startx is
insecure because it does nothing to secure root's original login shell. But
preventing root from locking the screen doesn't make this "startx" case more
secure. And preventing locking after root does a graphical login _does_
make the system a bit less secure; particularly when the Preferences GUI
says root can do it.
Certainly, you don't want to routinely do this. But this behavior seems
inconsistent to the point of being a defect. I can understand that there
might be a security hole if the screensaver has to make connections to what
might be a remote X server (I can remember at least one system on which X
would fail to start if the network interface was unterminated). But if this
is so dangerous, why not prevent graphical root logins altogether?
I'm still in the hunt for a good explanation of the behavior, so I'll keep
looking.
Erik
Best regards.
--
Roberto Ragusa mail at robertoragusa.it
While an X session is generated by a startx, a user can issue a
Ctrl+Alt+Backspace to kill the X session, giving access to that
account's cmd-line. This can also be done when the screen is locked. If
the machine is running init 5 and it is the default X session, this only
restarts the X session and doesn't give cmd-line access.
Although I prefer init 3, I have been running 5 to get around this. I
might research the possibility of deactivating Ctrl+Alt+Backspace while
having the screen locked. But still, a more savvy badguy/girl will know
about either method of getting access. =(
But for the use of root: Don't log in as root to a GUI, unless you are
there using it. Log out when you are done. Better: use su or sudo in a
user account using virtual terminals.
Stephen Mirowski
