[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-bugs-dist
Subject:    Bug#1071: Remote X login causes local klock to unlock console
From:       "Monson, Erik" <emonson () coin ! state ! pa ! us>
Date:       1999-03-26 13:48:10
[Download RAW message or body]

Package: klock
Version: KDE 1.1


When logged in as ROOT on the system console and with the X session locked
through klock, a remote X login as root (through kdm) will unlock the
console.  This is on a 'plain-vanilla' RedHat 5.2 machine using the KDE-1.1
.rpms for RedHat 5.2.  

This introduces a big security problem in certain situations.  I have an
X-based network management application running on the system console, so I
frequently just lock the screen.  I now log in from a user account and su to
root to run any applications remotely.   These problems only occur when
using kdm to login.

Erik Monson

[prev in list] [next in list] [prev in thread] [next in thread]