Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Xfree86 video buffering?
From: bkfsec <bkfsec () sdf lonestar org>
Date: Fri, 25 Feb 2005 11:27:52 -0500

Stan Bubrouski wrote:

Michael Holstein wrote:

Seems like an easy fix would be to write a routine into KDM to write 4-5 seconds worth of something benign (like the KDE logo in different spots) to the screen before logout/shutdown (note how 2000/XP already do this with the 'preparing to shutdown' screen? Maybe there's a reason for that).


That seems like a pretty unhelpful solution. Say the system crashes? Or KDE or
X crash?  The same problem will still exist.

With this solution someone could intentionally crash your machine to avoid those routines from running. I'm not trying to put you down or anything, in fact I probably know less about video related stuff than most on the list, this just doesn't seem like the best way to do it. I have no better suggestions, I'll leave this one to
the experts.

You'd think that if someone could force a timed crash on the machine intended to save a small amount of data to buffers on the video card, that you'd probably have many more problems on your hands than that.

Not to mention that when a machine crashes, most people don't just walk away and say "oh well". They usually restart the machine to either continue what they were doing, or to make sure that it starts up properly. We're not really talking about remote information disclosure, we're talking about someone being right at the terminal.

My thought on that is that the only way that a crash would work for this is if the person were looking over your shoulder. At that point, why would they need to crash the system?

Likewise, not trying to put you down... just pointing out my observations.


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]