Common Vulnerabilities and Exposures assigned an identifier CVE-2006-7240 to the following vulnerability: gnome-power-manager 2.14.0 does not properly implement the lock_on_suspend and lock_on_hibernate settings for locking the screen when the suspend or hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action, a related issue to CVE-2010-2532. References: [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7240 [2] https://bugs.launchpad.net/ubuntu/+source/gnome-power-manager/+bug/42052
(In reply to comment #0) > gnome-power-manager 2.14.0 does not properly implement the > lock_on_suspend and lock_on_hibernate settings for locking the screen > when the suspend or hibernate button is pressed, which might make it > easier for physically proximate attackers to access an unattended > laptop via a resume action, a related issue to CVE-2010-2532. Unless the admin has set /apps/gnome-power-manager/lock/use_screensaver_settings to FALSE, it uses the screensaver settings. That's not a bug surely? Richard.
I think the ubuntu bug is referring to the scenario where use_screensaver_settings is set to FALSE, which results in gnome-power-manager not locking the screen.
This issue did not affect the versions of the gnome-power-manager packages, as shipped with Red Hat Enterprise Linux 5. -- This issue did not affect the versions of the gnome-power-manager packages, as shipped with Fedora 12 and 13.