![](https://seccdn.libravatar.org/avatar/e3cb1773cd040fe5a809c04dbf1bb6e4.jpg?s=120&d=mm&r=g)
Hi, We recently update our clients from 13.2 to 42.2. And kcheckpass seems to have no longer set the suid bit (starting from 42.1 I guess). Is there a reason why? I guess security? But without suid bit set screensaver unlocks only if /etc/ldap.conf is world readable. Otherwise I get in KDE kcheckpass[14251]: pam_ldap: missing file "/etc/ldap.conf" However, we store our ldap passwd in /etc/ldap.conf for pam_ldap authentication. Setting /etc/ldap.conf world readable allows local users to see the bind password, which is not at all ideal. What is less secure? suid for kcheckpass or readable bind credentials? Or have I missed something? Thanks for any hint on this topic. Cheers, Urs -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org