Date: Fri, 16 Oct 2009 17:40:02 GMT From: David Wolfskill <david@catwhisker.org> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/139676: maintainer update x11/xlockmore Message-ID: <200910161740.n9GHe2hq069361@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/139676; it has been noted by GNATS. From: David Wolfskill <david@catwhisker.org> To: freebsd-gnats-submit@FreeBSD.org Cc: Subject: Re: ports/139676: maintainer update x11/xlockmore Date: Fri, 16 Oct 2009 10:22:39 -0700 --VbJkn9YxBvnuCH5J Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Please note that the reason xlockmore 5.29.1 was released is that 5.29 will fail if invoked from within certain "virtual" window managers. The failure is accompanied by a message: | X Error of failed request: BadWindow (invalid Window parameter) | Major opcode of failed request: 3 (X_GetWindowAttributes) | Resource id in failed request: 0x45 | Serial number of failed request: 82 | Current serial number in output stream: 83 and xlockmore fails to actually lock the screen. (I specifically observed it with the piewm and tvtwm window managers, and noted that the failure does not occur using the twm window manager. I believe that in general, window managers based on tvtwm are susceptible. It is possible that any "virtual" window manager is susceptible.) As a common way to invoke xlock(more) is via xautolock (in which case, the message is not generally displayed in a place where anyone would see it), the overall effect is that one would leave the computer, expecting that xlock(more) would offer at least some protection, while in fact, nothing of the sort happens: the machine is merely left logged in and unattended. This is probably a bit more of a security exposure than folks using xautolock would be likely to expect. Getting this committed prior to the release of 8.0 would thus be welcome. (I have also verified that the fix is effective for both piewm and tvtwm.) Peace, david --=20 David H. Wolfskill david@catwhisker.org Depriving a girl or boy of an opportunity for education is evil. See http://www.catwhisker.org/~david/publickey.gpg for my public key. --VbJkn9YxBvnuCH5J Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (FreeBSD) iEYEARECAAYFAkrYq94ACgkQmprOCmdXAD1iegCeOluAqFRdeqo4sdH0abTQr1Fq BT8An3Y8yJshIablGBS2POUjyRKynwa2 =u9oA -----END PGP SIGNATURE----- --VbJkn9YxBvnuCH5J--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200910161740.n9GHe2hq069361>