You are not logged in.
A blog post at aeroxteam.fr initially uncovered and detailed this apparent vulnerability. A commit to XKB for X.Org Server 1.11 adds a few debug key actions for grabs and the window tree. One of the four new XKB actions allowed is killing clients with active grabs, which is what most (or perhaps all) desktop environment screensavers rely upon for their screensaver lock -- just ensuring they have the top window and are catching all input events. One of the other four options is unleashing all active grabs. While a debugging feature, both of these are appearing by default in some of the leading Linux distributions.
Try it, lock your screen then press ctr+alt+<numpad *>. It works for me (xscreensaver/xfce)
Last edited by Spider.007 (2012-01-20 08:09:26)
Offline
It's fixed in [testing] already.
Offline
That's good to hear!
Offline
It's already in [extra] :-)
http://mailman.archlinux.org/pipermail/ … 24298.html
I read that
> This has been fixed in 2.4.1-3 in testing. You have to
> reset your xkb map or restart X after updating.
Offline
Updated, and the updated version does indeed fix this
Offline
I read the phoronix article and actually landed on this page after i did a pacman -Syu and I have been patched already!
Arch linux rocks!
LENOVO Y 580 IVYBRIDGE 660M NVIDIA
Unix is user-friendly. It just isn't promiscuous about which users it's friendly with. - Steven King
Offline
I think you can mark the thread as solved :-)
Offline