From owner-freebsd-security  Mon Jun 29 05:25:34 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id FAA05342
          for freebsd-security-outgoing; Mon, 29 Jun 1998 05:25:34 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from brooklyn.slack.net (brooklyn.slack.net [206.41.21.102])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA05335
          for <freebsd-security@FreeBSD.ORG>; Mon, 29 Jun 1998 05:25:26 -0700 (PDT)
          (envelope-from andrewr@brooklyn.slack.net)
Received: from localhost (andrewr@localhost)
	by brooklyn.slack.net (8.8.7/8.8.7) with SMTP id IAA23332;
	Mon, 29 Jun 1998 08:27:49 -0400 (EDT)
Date: Mon, 29 Jun 1998 08:27:49 -0400 (EDT)
From: andrewr  <andrewr@slack.net>
To: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE>
cc: freebsd-security@FreeBSD.ORG
Subject: Re: xlock
In-Reply-To: <199806290632.IAA00836@gilberto.physik.RWTH-Aachen.DE>
Message-ID: <Pine.NEB.3.96.980629081835.12717A-100000@brooklyn.slack.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


The main problem with using xlock is that the people who have made it and
mod'd it over the years, have tried to make it more of a program than it
should be.  ie, giving the user more options than are needed for this type
of program.  All xlock needs to be is a simple mechanism for locking X,
nothing else.  

Also, I am porting a console locking program (doesn't allow VT switching),
from linux, but I have been having trouble with the actual stopping of the
allowing of VT switching.  I have tried setting vtmode to be handled by
the process, then using an ioctl to execute this.  This failed.  Then, I
tried using flock(), that failed.  If you have any ideas and would like to
know what I did before (dealing with flock() and ioctl(), just ask).

A.

*****************************************
AWR 				XNS, Inc.
         <andrewr@slack.net>		
  "Drink beer, it will save your life."

On Mon, 29 Jun 1998, Christoph Kukulies wrote:

> 
> Alarmed by recent buffer overflow attacks on Linux machines in
> my vicinity (an exploit for this is available) I thought about
> xlock under FreeBSD and would like to know whether the
> security hole has been sorted out under FreeBSD 2.2.x or what
> measures are advised to prevent it.
> 
> -- 
> Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe security" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message