Bug 17080

Summary: Root password will unlock any user's screen
Product: [Retired] Red Hat Linux Reporter: Bob Apodaca <bob>
Component: xlockmoreAssignee: Bill Nottingham <notting>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2CC: rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-08-29 17:20:39 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Bob Apodaca 2000-08-29 17:20:37 UTC
When any user locks the screen using xlockmore, the screen can be unlocked
with the root password.  While root could kill the screensaver process, it
seems a little lax to allow root to unlock the screen.  The problem could
potentially be in PAM, I have not looked into this.

Comment 1 Bill Nottingham 2000-08-29 18:06:02 UTC
That's the normal behavior of xlock, if you're not using
shadow passwords. If you are using shadow passwords, it
can't check the root password.