Kyle McDonald wrote:
> When Running large computer labs at universities, this root-unlock
> feature has been a godsend for when users lock their terminals and leave
> the lab, and there are no other workstations available for new users.
Though when I was one of the people running a large computer lab at a
university, we disabled the root unlock in xlock (it was what everyone
used way back then, before CDE) after a student compiled their own xlock
that recorded the passwords used to unlock, then left the screen locked
waiting for an admin to unlock... after all, if you had the root
password, you could also rlogin (or ssh today), su & kill the processes.
The feature really is an attractive nuisance, which is why we've been
disabling it by default, but leaving it as an option for those customers
who insist that in their environment the value is worth the spoofability
risk.
--
-Alan Coopersmith- alan.coopersmith at sun.com
Sun Microsystems, Inc. - X Window System Engineering
