ports/139676: maintainer update x11/xlockmore
David Wolfskill
david at catwhisker.org
Fri Oct 16 17:40:02 UTC 2009
The following reply was made to PR ports/139676; it has been noted by GNATS.
From: David Wolfskill <david at catwhisker.org>
To: freebsd-gnats-submit at FreeBSD.org
Cc:
Subject: Re: ports/139676: maintainer update x11/xlockmore
Date: Fri, 16 Oct 2009 10:22:39 -0700
--VbJkn9YxBvnuCH5J
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Please note that the reason xlockmore 5.29.1 was released is that 5.29
will fail if invoked from within certain "virtual" window managers.
The failure is accompanied by a message:
| X Error of failed request: BadWindow (invalid Window parameter)
| Major opcode of failed request: 3 (X_GetWindowAttributes)
| Resource id in failed request: 0x45
| Serial number of failed request: 82
| Current serial number in output stream: 83
and xlockmore fails to actually lock the screen.
(I specifically observed it with the piewm and tvtwm window managers,
and noted that the failure does not occur using the twm window
manager. I believe that in general, window managers based on tvtwm are
susceptible. It is possible that any "virtual" window manager is
susceptible.)
As a common way to invoke xlock(more) is via xautolock (in which case,
the message is not generally displayed in a place where anyone would see
it), the overall effect is that one would leave the computer, expecting
that xlock(more) would offer at least some protection, while in fact,
nothing of the sort happens: the machine is merely left logged in and
unattended.
This is probably a bit more of a security exposure than folks using
xautolock would be likely to expect. Getting this committed prior to
the release of 8.0 would thus be welcome.
(I have also verified that the fix is effective for both piewm and
tvtwm.)
Peace,
david
--=20
David H. Wolfskill david at catwhisker.org
Depriving a girl or boy of an opportunity for education is evil.
See http://www.catwhisker.org/~david/publickey.gpg for my public key.
--VbJkn9YxBvnuCH5J
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.13 (FreeBSD)
iEYEARECAAYFAkrYq94ACgkQmprOCmdXAD1iegCeOluAqFRdeqo4sdH0abTQr1Fq
BT8An3Y8yJshIablGBS2POUjyRKynwa2
=u9oA
-----END PGP SIGNATURE-----
--VbJkn9YxBvnuCH5J--
More information about the freebsd-ports-bugs
mailing list