[17263] in Athena Bugs
sun4 8.3.17: xss
daemon@ATHENA.MIT.EDU (Brad Thompson)
Wed Oct 13 22:51:47 1999
Message-Id: <199910140251.WAA24981@x15-cruise-basselope.mit.edu>
To: bugs@MIT.EDU
Date: Wed, 13 Oct 1999 22:51:36 -0400
From: Brad Thompson <yak@MIT.EDU>
System name: x15-cruise-basselope.mit.edu
Type and version: Ultra-5_10 8.3.17 (with mkserv)
Display type: afb
Shell: /afs/sipb/project/bash/bash
Window manager: nawm
What were you trying to do?
Lock my screen with xss.
What's wrong:
I was able to unlock the screen with the root password. This also
works on cluster machines, making xss effectively useless (to me)
as a locking program.
What should have happened:
I should not have been able to unlock the screen with the root
password (or if I was, it should log me out).
Please describe any relevant documentation references:
The xss manpage did not suggest a way to disable the root password
(or I am blind). Even if there is a way to disable the root
password, it should be on by default.
