Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 19 Jan 2012 20:18:37 +0100
From: Florian Weimer <>
Subject: Re: Screen locking programs on Xorg 1.11

> I recently found out that it is possible to kill a screensaver/screen
> locker program on the latest version of Xorg (1.11 shipped with
> archlinux, debian wheezy..) using the Ctrl+Alt+Multiply key binding.

This used to be, uhm, common knowledge:

| Option "AllowDeactivateGrabs" "boolean"
|     This option enables the use of the Ctrl+Alt+Keypad-Divide key
|     sequence to deactivate any active keyboard and mouse
|     grabs. Default: off.
| Option "AllowClosedownGrabs" "boolean"
|     This option enables the use of the Ctrl+Alt+Keypad-Multiply key
|     sequence to kill clients with an active keyboard or mouse grab as
|     well as killing any application that may have locked the server,
|     normally using the XGrabServer(3x) Xlib function. Default: off.
|     Note that the options AllowDeactivateGrabs and AllowClosedownGrabs
|     will allow users to remove the grab used by screen saver/locker
|     programs. An API was written to such cases. If you enable this
|     option, make sure your screen saver/locker is updated.


The API in question appears to be XF86MiscSetGrabKeysState:


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ