Intro, and userhelper question
Nalin Dahyabhai
nalin at redhat.com
Mon Nov 10 14:24:24 UTC 2003
On Fri, Nov 07, 2003 at 02:22:12PM -0500, Alastair Neil wrote:
> It seems there are two ways to approach this, allow userhelper to have a
> list of authorised users, possibly selected from a dropdown list in
> consolehelper or modify pam to check the root password if the user
> password does not match.
>
> I modified pam in RH8 to do this because I liked the ability to unlock
> screensavers with the root passwd ala HPUX, but I noted that
> xscreensaver in Ximian allows this and as far as I can see it is not a
> pam level change.
>
> Does anyone think these modifications are a good idea and if so what is
> the preference? Or perhaps in my ignorance I am reinventing the wheel?
Allowing unlocking of a user's screen saver using the root password is
unfortunately not a good idea. A naive sysadmin has no way of knowing
whether or not the application which is asking for a password was built
by the user to log that password for later (nefarious) uses.
Cheers,
Nalin
More information about the fedora-devel-list
mailing list