https://bugzilla.xfce.org/show_bug.cgi?id=12282
--- Comment #2 from Jarno Suni <[email protected]> --- So isn't the solution then that system administer changes PATH so that it does not contain user-writeable directories? Well, in terminal a regular user can change PATH though. I think it would be safer to check in xflock4 that the command is not user-writeable and is owned by root. (I have a shell function for that.) If the command told by an xfconf variable is used for locking, it can be changed by regular user to run some command that might not lock anyway, but supposedly not as harmful command. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ Xfce-bugs mailing list [email protected] https://mail.xfce.org/mailman/listinfo/xfce-bugs
