fyi, you can redefine CDE's LockDisplay action so it runs /usr/openwin/bin/xlock instead of the broken CDE screenlock. just put the following action into the file /etc/dt/appconfig/types/C/Xlock.dt and restart your workspace manager. ACTION LockDisplay { LABEL LockDisplay TYPE COMMAND EXEC_STRING /usr/X11R5/bin/xlock WINDOW_TYPE NO_STDIO DESCRIPTION The LockDisplay action locks the workstation. } ------------------------------------------------------------------------ | Jeff Horwitz University of Michigan | | jhorwitzat_private Ann Arbor | | http://www-personal.umich.edu/~jhorwitz ITD Login Service | ------------------------------------------------------------------------ On Mon, 12 Oct 1998 19:37:21 -0400, dbell <dbellat_private> said: > I didn't see this, or anything similar to it in the archives, but please > forgive me if it's well known: > > If a Solaris 2.6 host is a NIS+ client, and any user other than root is > running CDE at the console, CDE's screen locking feature does not work. > Any random string is sufficient to unlock to console. Obviously, this is > not a root-compromise-from-the-network sort of bug, but it can be a > problem if your machine is located somewhere physically insecure > (university labs, for example). I made Sun aware of this a month ago, and > there seems to be a bug ID opened by someone else even farther back (bug > id 4115685). This is not fixed in any current release (up through > Hardware 5/98 w/current patches). I don't have older versions to test this > on, but I can reproduce it running 2.6 on a variety of hardware (email me > if you care). > > Workaround: use /usr/openwin/bin/xlock instead of CDE's screenlock, stop > using NIS+, stop using CDE. > > > -- > Daniel Bell > Heuer's Law: Any feature is a bug unless it can be turned off. >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:19:34 PDT