1 |
Hello, |
2 |
|
3 |
This is not strictly a Gentoo issue, but since we have a good habit to |
4 |
report upstream bugs and security issues (and I use Gentoo), I wanted |
5 |
to run by a possible security hole to others. |
6 |
|
7 |
When my machine is locked, I can still use an IR remote, running |
8 |
through lirc and programmed through irkick, as though the machine was |
9 |
unlocked. What likely security area this falls under is not very |
10 |
serious, as someone would need to program a remote control to do |
11 |
strange commands to have any sense of taking control of the machine, |
12 |
and said user must also be local. But, the IR remote should still be |
13 |
unresponsive when the machine is locked (similar to hot keys). |
14 |
|
15 |
I am using KDE 3.5.10, so it's possible this has been resolved in more |
16 |
recent versions. I assume irkick is to blame, but in principle it |
17 |
might be related to lirc. |
18 |
|
19 |
Does anyone have thoughts? Is this worth a security bug report? How |
20 |
would I determine if it's lirc or irkick, or should I just submit to |
21 |
Gentoo devs and maybe they would know better? |
22 |
|
23 |
Regards, |
24 |
daid |