Re: Annoying Solaris/CDE/NIS+ bug

From: Jeff Horwitz (jhorwitzat_private)
Date: Tue Oct 13 1998 - 10:59:58 PDT


    fyi, you can redefine CDE's LockDisplay action so it runs
    /usr/openwin/bin/xlock instead of the broken CDE screenlock.  just put
    the following action into the file /etc/dt/appconfig/types/C/Xlock.dt and
    restart your workspace manager.
    
    ACTION LockDisplay
    {
            LABEL   LockDisplay
            TYPE    COMMAND
            EXEC_STRING     /usr/openwin/bin/xlock
            WINDOW_TYPE     NO_STDIO
            DESCRIPTION     The LockDisplay action locks the workstation.
    }
    
    ------------------------------------------------------------------------
    | Jeff Horwitz                                  University of Michigan |
    | jhorwitzat_private                                         Ann Arbor |
    | http://www-personal.umich.edu/~jhorwitz            ITD Login Service |
    ------------------------------------------------------------------------
    
    On Mon, 12 Oct 1998 19:37:21 -0400, dbell <dbellat_private>  said:
    
    > I didn't see this, or anything similar to it in the archives, but please
    > forgive me if it's well known:
    >
    > If a Solaris 2.6 host is a NIS+ client, and any user other than root is
    > running CDE at the console, CDE's screen locking feature does not work.
    > Any random string is sufficient to unlock the console. Obviously, this is
    > not a root-compromise-from-the-network sort of bug, but it can be a
    > problem if your machine is located somewhere physically insecure
    > (university labs, for example). I made Sun aware of this a month ago, and
    > there seems to be a bug ID opened by someone else even farther back (bug
    > id 4115685).  This is not fixed in any current release (up through
    > Hardware 5/98 w/current patches). I don't have older versions to test this
    > on, but I can reproduce it running 2.6 on a variety of hardware (email me
    > if you care).
    >
    > Workaround: use /usr/openwin/bin/xlock instead of CDE's screenlock, stop
    > using NIS+, stop using CDE.
    >
    >
    > --
    > Daniel Bell
    > Heuer's Law: Any feature is a bug unless it can be turned off.
    >
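
Added example, not part of the original messages: a shell check that an action file such as the Xlock.dt described above really defines a LockDisplay override and that the command it names is present and executable. The function names and the /bin/sh stand-in used in the constructed sample are assumptions for illustration.

```shell
# Print the command named by EXEC_STRING in the LockDisplay action of file $1.
# Exit status 1 if the file defines no LockDisplay action with an EXEC_STRING.
lockdisplay_exec() {
    awk '
        $1 == "ACTION"                   { in_action = ($2 == "LockDisplay") }
        in_action && $1 == "EXEC_STRING" { print $2; found = 1; exit }
        $1 == "}"                        { in_action = 0 }
        END                              { exit (found ? 0 : 1) }
    ' "$1"
}

# Report the state of the override in file $1:
#   "ok <cmd>"             status 0: override present, target is executable
#   "no-override"          status 1: file unreadable or no LockDisplay action
#   "missing-binary <cmd>" status 2: override present, target not executable
check_lock_override() {
    file=$1
    [ -r "$file" ] || { echo "no-override"; return 1; }
    cmd=$(lockdisplay_exec "$file") || { echo "no-override"; return 1; }
    if [ -x "$cmd" ]; then
        echo "ok $cmd"
        return 0
    fi
    echo "missing-binary $cmd"
    return 2
}

# Constructed sample: the action from the post, with /bin/sh standing in for
# xlock so the demonstration runs on any host.
sample=$(mktemp)
cat > "$sample" <<'EOF'
ACTION LockDisplay
{
        LABEL   LockDisplay
        TYPE    COMMAND
        EXEC_STRING     /bin/sh
        WINDOW_TYPE     NO_STDIO
}
EOF
check_lock_override "$sample"
rm -f "$sample"
```

On a real host, pass the path of the installed action file (for example /etc/dt/appconfig/types/C/Xlock.dt) to check_lock_override; a "missing-binary" result means the lock action would fail to start the locker at all.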
    


