This has been a long-time coming, a security weakness. When you click the 'lock' icon at top-right of screen, you get a screensaver. The main usage is if you leave your desk, this will prevent others from accessing your computer -- however, ctrl-alt-backspace exits to the console and then they can type "xwin" to bring back the desktop, then they can snoop around.
I have applied lobster's 'xmodmap' operations in /usr/local/apps/Xlock/AppRun, which is in 'xlock_gui' PET package. It is now 'xlock_gui-0.2-3.pet'. This disables the CTRL key while the screensaver is in operation.
Comments:Posted on 8 Jun 2010, 21:00 by Dejan
Password bug solved too?
I mentioned this several times - when xlock asks for password on first run it will take second password no matter if it matches the first one - in that case going back to prompt would be usefull - but if it's solved then it's great solution for preventing it.
Posted on 8 Jun 2010, 21:17 by BarryK
Re Xlock password bug
That bug is in the 'xlock' binary executable. That is the 'xlockmore' package, version 5.20.1, which is not the latest.
I compiled that ages ago, hacked it a bit to reduce it's size.
So, I guess we have to revisit it, get the latest and compile it. Someone will anyway...
Posted on 8 Jun 2010, 21:37 by BarryK
Re Xlock password
The changelog for version 5.20 has this:
Allow xlockrc to allow passwords of any length (not just 8) thanks to
<Manuel.Reimer AT gmx.de> (actually it just ignores characters after
the 8th character... but now ignores it in a more consistent way).
So only the first 8 characters have to be the same.
Version 5.29 has this:
xlockrc (use of xlock without system password) did not actually check
if Key portion matched Again portion. Also now deletes null .xlockrc
file when there is a mismatch.
...which I suppose fixes the bug.
Posted on 9 Jun 2010, 13:46 by aarf
"The main usage is if you leave your desk, this will prevent others from accessing your computer -- however, ctrl-alt-backspace exits to the console and then they can type "xwin" to bring back the desktop, then they can snoop around."
just exactly who are these dangerous deviants and what are they doing in such close proximity to your computer?
oh it's your mom with the PhD in IT that she got out of the breakfast cereal box
Posted on 9 Jun 2010, 15:08 by BarryK
Re super snoops
I have no idea, people have told me that they have this need to hide what they are doing while away from their computer.
Posted on 14 Jun 2010, 23:28 by DrOwl
xlock and networking
I have always had a problem with Xlock and networking (namley i use my puppy box as a synergy server over a ssh connection, and the synergy connection is lost when xlock is running)
I have looked around for the right options to stop this hapening but am missing something.
Any one know why this happens and what can be done to stop it?