[dwm] vulnerability in slock

From: Albert Cardona <cardona_AT_ucla.edu>
Date: Mon, 12 Mar 2007 02:28:09 -0400

At least in slock 0.6, nothing prevents me from killing the Xorg server
with control+alt+backspace, returning to an open tty.

Also, I cannot unlock ever: the screen turns black on launching slock,
then I type my password and push return. Slock beeps and that's it, no
unlocking. I have a fingerprint reader enabled that I use on the gnome
side. 'pam' is setup so that sudo does not ask for the finger tip swipe.
I fail to see why should pam interfere with slock, but I can't see any
other source of inteference other than pam.

Any hints appreciated.

Received on Mon Mar 12 2007 - 07:28:23 UTC

This archive was generated by hypermail 2.2.0 : Sun Jul 13 2008 - 14:38:53 UTC