Re: [dwm] vulnerability in slock

From: Albert Cardona <>
Date: Mon, 12 Mar 2007 07:15:51 -0400

> No locker should prevent you from killing the x server. If you
> use startx use
> startx && exit
> to prevent such situation, or simply
> exec startx
Thanks for the tips, I wasn't aware of the unix way of securely
launching startx.

As for the pam mechanism, one can setup custom entries for any program
(for example for xscreensaver, or for sudo as I mentioned). Here is the
one for the xscreensaver (which works fine):

albert_AT_pad:/etc/pam.d$ cat sudo
#@include common-auth
#disabling fingerprint reader for sudo
auth sufficient nullok_secure
auth required {<deleted>} /etc/bioapi/pam/
password required {<deleted>} /etc/bioapi/pam/
@include common-account

I created an entry for slock with identical contents (actually a
symlink, the above for xscreensaver is as well a symlink to the 'sudo'

There is an entry for login, but if I modify it I see I will run into
"trouble" in that then I won't have fingerprint reader for gdm when I
need it. I may just stick to xscreensaver for the time being, until I
figure out how to make slock be aware of its own pam entry.

Received on Mon Mar 12 2007 - 12:16:11 UTC

This archive was generated by hypermail 2.2.0 : Sun Jul 13 2008 - 14:38:55 UTC