I thought that the shadow file only had to be root-only writable? Regards / Mit freundlichem Gruß / Salutations John Monaghan BSc (hons) Computer Science - Software Engineering (AIRS) Software Engineer Front Office Development Hogatex Software GmbH Baldhamer Straße 39, D-85591 Vaterstetten Tel: +49 / (0)8106 / 321-0, Fax:+49 / (0)8106 / 321 -111 mailto:monaghan@hogatex.de http://www.hogatex.com -----Ursprüngliche Nachricht----- Von: Anders Johansson [mailto:andjoh@cicada.linux-site.net] Gesendet: Freitag, 2. August 2002 11:30 An: suse-kde@suse.com Betreff: Re: [suse-kde] Fwd: screensaver fails password check On Friday 02 August 2002 11:22, Martin Knoblauch wrote:

The question is now: should the shadow file be world readable,

No, no, no, the whole point of having a shadow file is that it should be root-only.

or chould kcheckpass be made setuid-root.

kcheckpass should be owned by root, group shadow and be setgid shadow. chmod g+s /opt/kde3/bin/kcheckpass Also, check your security settings in /etc/sysconfig/security, variable PERMISSIONS_SECURITY. Edit permissions.{easy|secure|paranoid}, depending on your settings, and make sure that the line for kcheckpass has 2755 as the mode. //Anders -- To unsubscribe, email: suse-kde-unsubscribe@suse.com For additional commands, email: suse-kde-help@suse.com Please do not cross-post to suse-linux-e