17080 – Root password will unlock any user's screen

Bug 17080 - Root password will unlock any user's screen

Summary: Root password will unlock any user's screen

Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	xlockmore
Sub Component:	(Show other bugs)
Version:	6.2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Bill Nottingham
QA Contact:
Docs Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2000-08-29 17:20 UTC by Bob Apodaca
Modified:	2014-03-17 02:16 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2000-08-29 17:20:39 UTC
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Bob Apodaca 2000-08-29 17:20:37 UTC

When any user locks the screen using xlockmore, the screen can be unlocked
with the root password.  While root could kill the screensaver process, it
seems a little lax to allow root to unlock the screen.  The problem could
potentially be in PAM, I have not looked into this.

Comment 1 Bill Nottingham 2000-08-29 18:06:02 UTC

That's the normal behavior of xlock, if you're not using
shadow passwords. If you are using shadow passwords, it
can't check the root password.

Note You need to log in before you can comment on or make changes to this bug.