[7008] in SIPB bug reports
Re: xscreensaver remote unlock
daemon@ATHENA.MIT.EDU (Brad Thompson)
Fri Sep 25 19:13:53 1998
To: Nickolai Zeldovich <kolya@MIT.EDU>
Cc: bug-sipb@MIT.EDU
In-Reply-To: Your message of "Fri, 25 Sep 1998 19:09:57 EDT."
<199809252309.TAA09745@m4-035-19.mit.edu>
Date: Fri, 25 Sep 1998 19:13:40 EDT
From: Brad Thompson <yak@MIT.EDU>
> Just being paranoid here, but sending the clear-text password over
> the network to an xscreensaver-l'ed machine isn't very secure, it
> seems :) Or at least I got the impression that's how xscreensaver
> works, from the manpage. Don't know if there's any realistic reason
> to fix this, but I thought I'd whine about it anyway.
This capability is there to deal with old versions of xscreensaver
that would lock, and not be unlockable with the correct password. It
was never removed. To disable it, put the following line in your
.Xresources:
XScreensaver.passwordPort: 0
yak
