From bd069b08c5fe4fea3c78f6991a849b19ed40cbe0 Mon Sep 17 00:00:00 2001 From: FRIGN Date: Wed, 28 Sep 2016 20:20:51 +0200 Subject: Add a section on security considerations The section on security considerations sheds some light on the problems that we can't solve within slock but which the user has to solve in his X configuration. --- slock.1 | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'slock.1') diff --git a/slock.1 b/slock.1 index 2b2b7c8..82cdcd6 100644 --- a/slock.1 +++ b/slock.1 @@ -17,6 +17,18 @@ is executed after the screen has been locked. .It Fl v Print version information to stdout and exit. .El +.Sh SECURITY CONSIDERATIONS +To make sure a locked screen can not be bypassed by switching VTs +or killing the X server with Ctrl+Alt+Backspace, it is recommended +to disable both in +.Xr xorg.conf 5 +for maximum security: +.Bd -literal -offset left +Section "ServerFlags" + Option "DontVTSwitch" "True" + Option "DontZap" "True" +EndSection +.Ed .Sh EXAMPLES $ .Nm -- cgit v1.2.3-70-g09d2