Thanks all for the comments. Citing security concerns really doesn't work with people that don't see what's so bad about telnet...
The Solaris admins look for any excuse not to replace Solaris with Linux. This screen unlocking is just one example. There are 8 Solaris admins vs 2 Linux admins. Switching to VT1 then killing kdesktop_lock is considered too hard. I'm log an SR with RedHat and take it from there. Thanks again. CC > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of John Summerfield > Sent: Wednesday, 19 November 2008 9:17 AM > To: Red Hat Enterprise Linux 5 (Tikanga) discussion mailing-list > Subject: Re: [rhelv5-list] RE: Enable root to unlock screen > saver (KDE) > > Sharpe, Sam J wrote: > >> -----Original Message----- > >> From: [EMAIL PROTECTED] [mailto:rhelv5-list- > >> [EMAIL PROTECTED] On Behalf Of John Summerfield > >> Coe, Colin C. (Unix Engineer) wrote: > >>> Hi and thanks for the response. > >>> > >>> I should have stated more clearly that we use KDE not Gnome. The > >> reason for this is the oil & gas apps that our > workstations users' use > >> work best under KDE not Gnome so to keep things standard, > we use KDE > >> everywhere. > >>> On my workstation, I see these two processes: > >>> me 8220 7283 0 15:49 ? 00:00:00 > >> /usr/bin/kdesktop_lock --forcelock > >>> me 8221 8220 0 15:49 ? 00:00:00 > >> /usr/bin/kblankscrn.kss -root > >>> There is no gnome-screensaver process. > >>> > >>> I have tried just using the root password to unlock the > screen saver > >> but this doesn't work. > >>> Thanks > >>> > >>> CC > >>> > >> try marking one or both of those binaries setuid root and > see whether > >> it > >> works. > >> > >> Then, you can > >> 1. Deploy systems that way > >> or > >> 2. Tell the SUN users it's a security issue and the gods > will not allow > >> it. > > > > Or just tell the SUN users to follow these steps: > > 1) CTRL-ALT-F1 to get to a console > > 2) Login as root > login as whomever > startx :2 > > 3) killall -9 kdesktop_lock > > 4) CTRL-F7 to get back to the desktop. > > X is usually on tty13 on my systems:-) > > On reflection, interfering with another user's session is particularly > bad form. I'm not sure my policies would permit it. The > "unlock" screen > should allow user switching. > > > -- > > Cheers > John > > -- spambait > [EMAIL PROTECTED] [EMAIL PROTECTED] > -- Advice > http://webfoot.com/advice/email.top.php > http://www.catb.org/~esr/faqs/smart-questions.html > http://support.microsoft.com/kb/555375 > > You cannot reply off-list:-) > > _______________________________________________ > rhelv5-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/rhelv5-list > NOTICE: This email and any attachments are confidential. They may contain legally privileged information or copyright material. You must not read, copy, use or disclose them without authorisation. If you are not an intended recipient, please contact us at once by return email and then delete both messages and all attachments. _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
