Alan Coopersmith wrote: > Aaron Zang wrote: >> Alan Coopersmith wrote: >>> Gary Winiger wrote: >>>> The vtdaemon service proposed a "rootunlock" property. When the >>>> value of >>>> "rootunlock" was "true", vtdaemon allowed unlocking text virtual >>>> consoles >>>> using the root user's password instead of the locking user's password. >>>> >>>> The project team now considers the "rootunlock" property as unnecessary >>>> because: >>>> >>>> 1) Neither xlock nor xscreensaver have such an unlocking feature. >>> I don't understand this claim - xlock, xscreensaver & CDE lockscreen >>> all have >>> a feature to allow unlocking the screen with the root password instead >>> of the >>> locking's users password, mostly because our customers demanded it be >>> there. >>> (Whether it's on or off by default differs by OS rev & program, but they >>> all have it - see "-allowroot" in xlock(1), "Dtsession*keys" in >>> dtsession(1), >>> and the allowRoot xscreensaver resource defined in LSARC 2006/446 which >>> we apparently forgot to document in the man page.) >>> >> Yes, these locks all have code supporting root unlock, and there are macros >> functioning as switches to turn the feature on and off during compilation. >> Current Solaris releases always turn off the switches (without compiling >> this >> feature in). That what we really mean. > > That is still wrong - they are all still built with the feature present. > In current Nevada builds the feature is not enabled by default, but > can be turned on at runtime, without a recompile, by just setting > the flag/properties mentioned. >
OK, I see. I tried xlock -allowroot on my system, it did work. And I found a "AllowRoot" entry in ~/.xscreensaver with "False" as default. It seems that we should refine our claim like this: "Neither xlock nor xscreensaver support such an unlocking feature by default" Is it correct? Anyway, I still believe that the trend is to not using rootunlock. I still remember that around Nevada build 30, xscreensaver supported rootunlock by default, and now it is not the default behavior. -- aaron -- You know some birds are not meant to be caged, their feathers are just too bright.
