Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 82708

Summary: Password can be circumvented
Product: [Retired] Red Hat Raw Hide Reporter: Reto Stamm <reto>
Component: xscreensaverAssignee: Bill Nottingham <notting>
Status: CLOSED DUPLICATE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 1.0CC: rvokal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-02-21 18:51:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Reto Stamm 2003-01-25 03:41:48 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.6 (X11; Linux i686; U;) Gecko/20020830

Description of problem:
With an all defaults installation, when I am in Gnome and "Lock Screen" from the
Menu, it is still possible to do <Ctrl><Alt><F1> to change to terminal one. I
may still be logged in on Terminal 1, so I can access the machine without password.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.start x
2.<ctrl><alt><F1>
3.Log in
4.<ctrl><alt><F7>
5.Lock screen
6.<ctrl><alt><f1>

    

Actual Results:  I can use the shell I logged into in step 3.

Expected Results:  It should ask me for my password first.

Additional info:

Comment 1 Bill Nottingham 2003-01-25 04:11:17 UTC
This falls under the same situation as the referenced bug.

*** This bug has been marked as a duplicate of 26933 ***

Comment 2 Red Hat Bugzilla 2006-02-21 18:51:22 UTC
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.