This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 139513 - Xscreensaver shows explicit sexual content
Xscreensaver shows explicit sexual content
Status: CLOSED CANTFIX
Product: Fedora
Classification: Fedora
Component: xscreensaver (Show other bugs)
3
All Linux
medium Severity high
: ---
: ---
Assigned To: Ray Strode [halfline]
:
: 139777 140684 149803 (view as bug list)
Depends On:
Blocks: FC3Update
  Show dependency treegraph
 
Reported: 2004-11-16 10:02 EST by Tomas Edwardsson
Modified: 2007-11-30 17:10 EST (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-30 17:48:41 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Tomas Edwardsson 2004-11-16 10:02:23 EST
Description of problem:
I'm using the default setup with kde which is using a random
screensaver. Much to my dissatisfaction I left my computer idle for an
hour or so and when I returned, my monitor was filled with hardcore
porn. The screensaver in question is called webcollage.

Version-Release number of selected component (if applicable):
xscreensaver-4.18-4

How reproducible:
I used the following command to see which URLs the screensaver was
fetching.
/usr/X11R6/lib/xscreensaver/webcollage -urls-only -verbose

Steps to Reproduce:
1. /usr/X11R6/lib/xscreensaver/webcollage -urls-only -verbose

  
Actual results:
A desktop full of porn

Expected results:
A desktop NOT FILLED WITH PORN!
Comment 1 Ray Strode [halfline] 2004-11-16 10:54:57 EST
Hi Tomas,

This was fixed for RHEL 3, but I somehow missed doing it for FC3.
I'll get this taken care of.
Comment 2 Ray Strode [halfline] 2004-11-17 23:01:06 EST
*** Bug 139777 has been marked as a duplicate of this bug. ***
Comment 3 Jamie Zawinski 2004-11-22 04:43:53 EST
webcollage has been turned off by default in the official xscreensaver
distribution since version 4.03 (11-may-2002.)

(Please do not fix this by deleting webcollage: simply update the
XScreenSaver app-defaults file you ship to disable it by default, so
that people who *do* want to enable it still have the ability to do so.)
Comment 4 Sitsofe Wheeler 2005-02-27 14:27:00 EST
Jamie, there's no way except to delete webcollage (and any other screensaver
that may be offensive) to prevent it from popping up for *KDE* users in random
mode. The KDE control center offers no means for taking screensavers out of
random circulation - it's everything or er, everything I guess.

Perhaps KDE should default the screensaver to a blank screen like GNOME does to
at least stop this sort of thing happening "out of the box".
Comment 5 Jamie Zawinski 2005-02-27 15:48:13 EST
> The KDE control center offers no means for taking screensavers out of
> random circulation - it's everything or er, everything I guess.

That sounds like a pretty stupid bug in KDE, then.
They should fix that.

My policy on KDE and xscreensaver:
http://www.jwz.org/xscreensaver/faq.html#kde
Comment 6 Laszlo BERES 2005-05-06 05:36:42 EDT
*** Bug 149803 has been marked as a duplicate of this bug. ***
Comment 7 Tomas Edwardsson 2005-05-06 08:06:27 EDT
Is this at least fixed in FC4?
Comment 8 Ray Strode [halfline] 2005-05-06 10:02:07 EDT
Yes, this will be fixed for FC4.
Comment 9 Warren Togami 2005-05-22 23:27:10 EDT
I propose totally deleting webcollage for all future distributions until KDE
fixes this.  It is unacceptable to have this screensaver possible to seen by
default on our desktop.  webcollage is also of zero value unless you happen to
*LIKE* seeing random porn.
Comment 10 Sitsofe Wheeler 2005-06-12 04:36:20 EDT
Warran,

I still think it would be wise to default the screensavers to a blank
screen/something fixed rather than random (although I bet eventually that will
outrage someone too). Sooner or later someone will find something offensive in
another randomly on screensaver and we go round again...
Comment 11 Sitsofe Wheeler 2005-06-12 04:37:56 EDT
(Apologies for mispelling your name earlier Warren)

Also reported on the Debain bugzilla:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23311683
Comment 12 H.-P. Huang 2005-08-17 14:31:36 EDT
I agree with Warren Tomagi and others that Web Collage should be removed from
the Fedora and RedHat package in future distributions. The program is offensive
and can cause potential security problem. I have seen enough.
Comment 13 Ray Strode [halfline] 2005-09-09 16:17:06 EDT
*** Bug 140684 has been marked as a duplicate of this bug. ***
Comment 14 Ra P. 2006-03-27 13:06:17 EST
There is an option to WebCollage to pull images from LiveJournal instead of the 
entire web, why not set it up to behave that way by default?
Comment 15 Scott Baker 2006-03-27 13:11:37 EST
LiveJournal has porn just like the rest of the web. You can see for yourself at:

http://www.perturb.org/lj_images.php

All kinds of wild stuff shows up there. Just about the ONLY safe source of
images would be some news source like CNN.
Comment 16 Matthew Miller 2006-07-10 19:29:47 EDT
Fedora Core 3 is now maintained by the Fedora Legacy project for security
updates only. If this problem is a security issue, please reopen and
reassign to the Fedora Legacy product. If it is not a security issue and
hasn't been resolved in the current FC5 updates or in the FC6 test
release, reopen and change the version to match.

Thank you!
Comment 17 John Thacker 2006-10-30 17:48:41 EST
Closing per lack of response to previous request for information.
This bug was originally filed against a much earlier version of Fedora
Core, and significant changes have taken place since the last version
for which this bug is confirmed.

Note that FC3 and FC4 are supported by Fedora Legacy for security
fixes only.  Please install a still supported version and retest.  If
it still occurs on FC5 or FC6, please reopen and assign to the correct
version.  Otherwise, if this a security issue, please change the
product to Fedora Legacy.  Thanks, and we are sorry that we did not
get to this bug earlier.

Note You need to log in before you can comment on or make changes to this bug.