| 1 |
Hello, |
| 2 |
|
| 3 |
This is not strictly a Gentoo issue, but since we have a good habit to |
| 4 |
report upstream bugs and security issues (and I use Gentoo), I wanted |
| 5 |
to run by a possible security hole to others. |
| 6 |
|
| 7 |
When my machine is locked, I can still use an IR remote, running |
| 8 |
through lirc and programmed through irkick, as though the machine was |
| 9 |
unlocked. What likely security area this falls under is not very |
| 10 |
serious, as someone would need to program a remote control to do |
| 11 |
strange commands to have any sense of taking control of the machine, |
| 12 |
and said user must also be local. But, the IR remote should still be |
| 13 |
unresponsive when the machine is locked (similar to hot keys). |
| 14 |
|
| 15 |
I am using KDE 3.5.10, so it's possible this has been resolved in more |
| 16 |
recent versions. I assume irkick is to blame, but in principle it |
| 17 |
might be related to lirc. |
| 18 |
|
| 19 |
Does anyone have thoughts? Is this worth a security bug report? How |
| 20 |
would I determine if it's lirc or irkick, or should I just submit to |
| 21 |
Gentoo devs and maybe they would know better? |
| 22 |
|
| 23 |
Regards, |
| 24 |
daid |
Archives