From bd069b08c5fe4fea3c78f6991a849b19ed40cbe0 Mon Sep 17 00:00:00 2001
From: FRIGN <dev@frign.de>
Date: Wed, 28 Sep 2016 20:20:51 +0200
Subject: [PATCH] Add a section on security considerations

The section on security considerations sheds some light on the problems that we
can't solve within slock but which the user has to solve in his X configuration.
---
 slock.1 | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/slock.1 b/slock.1
index 2b2b7c8..82cdcd6 100644
--- a/slock.1
+++ b/slock.1
@@ -17,6 +17,18 @@ is executed after the screen has been locked.
 .It Fl v
 Print version information to stdout and exit.
 .El
+.Sh SECURITY CONSIDERATIONS
+To make sure a locked screen can not be bypassed by switching VTs
+or killing the X server with Ctrl+Alt+Backspace, it is recommended
+to disable both in
+.Xr xorg.conf 5
+for maximum security:
+.Bd -literal -offset left
+Section "ServerFlags"
+	Option "DontVTSwitch" "True"
+	Option "DontZap"      "True"
+EndSection
+.Ed
 .Sh EXAMPLES
 $
 .Nm
-- 
2.20.1