[8213] in bugtraq
Re: Annoying Solaris/CDE/NIS+ bug
daemon@ATHENA.MIT.EDU (Frank Cusack)
Wed Oct 14 15:41:15 1998
Date: Tue, 13 Oct 1998 21:03:16 -0400
Reply-To: Frank Cusack <fcusack@ICONNET.NET>
From: Frank Cusack <fcusack@ICONNET.NET>
X-To: dbell <dbell@BWAY.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: dbell's message of "Tue, 13 Oct 1998 17:44:53 GMT"
dbell <dbell@BWAY.NET> writes:
> I didn't see this, or anything similar to it in the archives, but please
> forgive me if it's well known:
>
> If a Solaris 2.6 host is a NIS+ client, and any user other than root is
> running CDE at the console, CDE's screen locking feature does not work.
> Any random string is sufficient to unlock to console. Obviously, this is
The bug has nothing to do with NIS+. The CDE screenlocker (dtsession)
accepts either the user's password or the root password to unlock
the screen.
When root doesn't have a password, it accepts anything. A bug? hardly.
Install a root password.
[...]
--
Frank Cusack + Today's Haiku No keyboard present
Icon CMT Corp. + error message: Hit F1 to continue
PGP: C001AA75 + Zen engineering?
