On 19 Nov 2002 18:05:12 +0100 Squire Anders Johansson uttered the following:
On Tue, 2002-11-19 at 12:49, Karol Pietrzak wrote:
Thanks much Peter Nixon. So tell me, how do I get kcheckpass, xlock, and friends to work without compromising my security?
I thought I had posted the answer to that already. kcheckpass should be suid.
Yes. You are right.
And don't use permissions.paranoid unless you're very aware of what you're doing. It will only give you headaches
Yes. permissions.paranoid is really only for hardening a server. I do use this mode on all my servers, but it has some settings that you really need to be aware of (like stripping SUID bit from /bin/su) which will lock you out of your own machine if you are not carefull. -- Peter Nixon http://www.peternixon.net/ PGP Key: http://www.peternixon.net/public.asc