543729b13a
-no PAM (default): let configure figure out whether shadow passwords are used, in that case xscreensaver will be installed suid to enable checking -"pam" option enabled: assume that PAM is able to check the password w/o root privs; require the new pam-pwauth_suid on NetBSD for that -"pam" option enabled; the user decides not to use pam-pwauth_suid but sets xscreensaver suid instead (on NetBSD, or if the PAM implementation needs it) add a MESSAGE discussing the latter 2 options bump PKGREVISION
17 lines
868 B
Text
17 lines
868 B
Text
===========================================================================
|
|
$NetBSD: MESSAGE,v 1.1 2007/01/08 21:45:10 drochner Exp $
|
|
|
|
If xsreensaver is built with the "pam" option:
|
|
In order to make unlocking work , you need to add an
|
|
xscreensaver file to your pam configuration directory (usually
|
|
/etc/pam.d). You can find a sample file in:
|
|
${EGDIR}/pam.d/xscreensaver-NetBSD
|
|
On NetBSD, the "pam_pwauth_suid.so" module can be used to authenticate
|
|
against a shadow password database. Note that use of this module might
|
|
allow programs with your privileges to get a copy of your plaintext
|
|
password as typed in for unlocking.
|
|
Alternatively, you might set the
|
|
${PREFIX}/bin/xscreensaver
|
|
executable setuid root. Since this is a relatively complex program,
|
|
there is the risk of other exploits.
|
|
===========================================================================
|