Stupidity, bad memory and murphy’s law (aka xlock and root pw)

September 24, 2007

When you setup a machine it is stupid to put the same password to the user and root account .. and then forget about this! (I use 99.999% of the time the sudo command, so it is quite some time since I’ve used the root password).  Then you decide to change the user password.

I use Xlock in order to lock the terminal when i’m gone from the office. Today i came in the morning and out of a habbit i typed in the old password. Suddenly i saw the terminal unlocks. Agkrrr! What happened?? I tried again, the old password works. I was puzzled. Not a long time ago we had some hacking incidents so i got really worried. After looking for a while arround (using ktrace and systrace to monitor what is going on) I “found out” something that i had forgotten:

-/+allowroot
The  allowroot  option  allows  the  root password to
unlock the server as well as  the  user  who  started
xlock.   May  not  be  able  to  turn this on and off
depending on your system and how  xlock  was  config­
ured.

I still believe that it should be a better UI on xlock .. so that you have  to press a button and enter the root password for the admin to unlock it, but again as murphy’s law says:

Anything That Can Possibly Go Wrong, Does

being extra stupid, and having a bad memory .. really helps this law!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: