From: kevin lyda (kevin at domain suberic.net)
Date: Sat 15 Jul 2000 - 18:04:59 IST
On Sat, Jul 15, 2000 at 05:23:40PM -0400, Ronny B. wrote:
> On Sat, Jul 15, 2000 at 05:09:33PM +0100, Jason A. Corcoran wrote:
> > writing this mail. To get around this I just
> > pressed Ctrl - F4 entered an virtual console and
> > just killed the screen saver. Not exactly high
> > security. Is there any other way to stop this. I
> > normally leave a virtual console logged in. I know
> > that is not very security minded.
> Have you tried the root password? I know it sounds insane, but I've seen
> it happen...suid executables are scary!
what does this sentence mean?
xscreensaver can be configured to accept both the user's password and
the root password. this way the admin of the machine can unlock the
screensaver if a luser's logged on.
if a program can verify a password for user x, it can verify it for the
root user as well. the way a password is verified in unix is that it
is encrypted and the result is compared against the stored cyphertext.
since all the passwords are in *one* file, then there's no way to stop
a program from comparing against every password on the system if they
want to. this is an important feature for things like the login
program for instance.
it's not scary, it's not cuddly, it just is.
as far as just switching to a different virtual console i'd suggest
looking into what your shell can do in the way of idle or periodic
commands and then look into the vlock program.
kevin
-- kevin at domain suberic.net "there's nothing wrong with windows 2000 that fork()'ed on 37058400 linux can't fix." -- va linux t-shirt meatspace place: home
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:06:53 GMT