In xscreensaver-3.23-2 package, xscreensaver.kss contains the following
if [ ! -f "/etc/shadow" ]; then
which causes xscreensaver to ignore the -lock option when shadow passwords
are used. This is totally unnecessary and stupid - xscreensaver is properly
pam'ified and would work correct with in -lock-mode even if shadow
passwords are used. If the code above is replaced with
everything works fine.
I selected "Severity: security" because this bug causes xscreensaver to
ignore users' requests to lock the terminal.
Thanks for the fix - should be in xscreensaver-3.24-7.