Reporter Marco van Berkum
I came across a nice xlock bug when I noticed I couldn't log in again as
user after I "locked" my windowmaker screen. Xlock (afaik) is suid by
default to read passwords from /etc/shadow. I removed most suid bits on my
Slackware 7.1 box. Also the suid bit on my xlock has been removed.
Any user with physical access can get into the window manager screen by
simply pressing ENTER when xlock is not setuid root. With a default
Slackware install and also with a default xlockmore install there is no
file named .xlockrc created. After executing xlock and pressing ENTER
an empty DES string is placed in .xlockrc and can therefore be used as
This works for all userlogins except root because root can be checked
with /etc/shadow. This also doesn't work when there is a correct (according
to /etc/shadow) DES string in $HOME/.xlockrc (This is explained somewhere
in the README file).
Fix: set the suid bit on xlock ?!?!?! Or give all users who need physical
window manager access a correct .xlockrc file.
Marco van Berkum
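
One way to audit a host for the condition this report describes, written as an added example that is not part of the original post or of xlockmore. It assumes user home directories sit under one directory and that .xlockrc holds a single 13-character DES crypt(3) string; the function names are hypothetical.

```shell
#!/bin/sh
# Added audit sketch (not from the report). Assumption: .xlockrc contains one
# traditional 13-character DES crypt(3) string on its first line.

# Succeeds when the given file carries the setuid bit.
is_setuid() {
    [ -u "$1" ]
}

# Prints the state of <home>/.xlockrc: missing | empty | malformed | present
xlockrc_state() {
    rc_file="$1/.xlockrc"
    [ -f "$rc_file" ] || { echo missing; return 0; }
    [ -s "$rc_file" ] || { echo empty; return 0; }
    hash=
    IFS= read -r hash < "$rc_file" || true   # tolerate a missing final newline
    if printf '%s' "$hash" | grep -Eq '^[./0-9A-Za-z]{13}$'; then
        echo present
    else
        echo malformed
    fi
}

# audit_xlock <xlock binary> <directory holding the home directories>
# Lists accounts that have no usable .xlockrc while xlock is not setuid.
# Returns 1 if at least one account is listed, 0 otherwise.
audit_xlock() {
    xlock_bin="$1"
    home_root="$2"
    if is_setuid "$xlock_bin"; then
        echo "OK: $xlock_bin is setuid, .xlockrc files not audited"
        return 0
    fi
    found=0
    for home in "$home_root"/*/; do
        [ -d "$home" ] || continue
        home=${home%/}
        state=$(xlockrc_state "$home")
        if [ "$state" != present ]; then
            echo "AT RISK: ${home##*/} (.xlockrc $state)"
            found=1
        fi
    done
    return "$found"
}

# Run only when called with both arguments, e.g. sh audit.sh <xlock> <homes>
if [ "$#" -eq 2 ]; then audit_xlock "$1" "$2"; fi
```

The format check cannot tell whether a well-formed hash was produced from an empty password, so a "present" entry still needs to be confirmed against the account's real password hash.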