Bug#309037: xscreensaver don't unlock the screen (pam_unix2 authentication failure)
Since pam_unix2 got fixed in bug #295526, I guess we can close this bug? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#309037: xscreensaver don't unlock the screen (pam_unix2 authentication failure)
On Dec 14, 2007, at 5:08 PM, Jose Luis Rivas Contreras wrote: I'm just not going to setuid root xscreensaver, this introduces big changes of security holes, (see #295526). No, making xscreensaver be setuid is perfectly safe, and in fact, on some systems, is absolutely required for anything to work at all. However, if the system uses PAM, and PAM is configured properly, it shouldn't be necessary. -- Jamie Zawinski [EMAIL PROTECTED] http://www.jwz.org/ [EMAIL PROTECTED] http://www.dnalounge.com/ http://jwz.livejournal.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#362954: Bug#309037: xscreensaver don't unlock the screen (pam_unix2 authentication failure)
Jamie Zawinski wrote: > > On Dec 14, 2007, at 5:08 PM, Jose Luis Rivas Contreras wrote: > >> I'm just not going to setuid root xscreensaver, this introduces big >> changes of security holes, (see #295526). > > No, making xscreensaver be setuid is perfectly safe, and in fact, on > some systems, is absolutely required for anything to work at all. > > However, if the system uses PAM, and PAM is configured properly, it > shouldn't be necessary. Well, it seems is necessary for pam_unix2 :-( -- ghostbar on debian linux 'sid' 2.6.22 x86_64-SMP - #382503 Weblog: http://ghostbar.ath.cx/ - http://linuxtachira.org http://debian.org.ve - irc.debian.org #debian-ve #debian-devel-es San Cristóbal, Venezuela. http://chaslug.org.ve GPG: 0xCACAB118 signature.asc Description: OpenPGP digital signature
