Screen Locking Problems
David Curry
dsccable at comcast.net
Wed Mar 2 21:23:37 UTC 2005
Ryan McDougall wrote:
>Hi All,
>
>I'm sorry about this but I have looked for some things on this but
>can't seem to find a solution or an exact problem.
>
>We have FC2 on a Dell machine but the user likes to lock the screen
>using the xscreensaver option on the redhat menu. Ok this works most
>of the time BUT every once in a while he will come in the next
>morning, after having locked the screen the night before, and the
>screen will be unlocked and open. Has anyone else had this issue or
>does anyone know how to go about fixing it?
>
>Also we tried to use xlockmore from the DAG wiers repository and the
>install seemed to work but the user just emailed me and stated that
>xlock wouldn't accept his password. And after he hit the enter key
>several times it just let him in anyway. So if we could find a
>solution to either of those that would be AWESOME.
>
>Thanks all,
>Ryan
>
>
>
Screensaver Help suggests two ways that someone can overcome Screensaver
Lock. Ctl-Alt-Backspace will kill the X session and throw the machine
back to init level 3. If the user's username and password are known to
someone else, that someone else could easily kill the X session and log
back in to X.org as the party who set the screenlock. In addition,
Screensaver -> Help - > Frequently Asked questions -> #22 points out
that if the user is logged into a non-X console session, Ctl-Alt-F1 on
the keyboard will switch the screen to that non-X console.
I haven't really explored either one of the things suggested by the faq,
but it seems to me that screen lock has real weaknesses as an overnight
security measure.
More information about the fedora-list
mailing list