[P1] Security hole in X.2 and password protection using screen saver

[Richard McKay]

Tom R. no spam wrote the following:

> has anyone reported this to Apple?

Yes, I imagine they are working on it? The original person that found this
out has even told Apple about it before posting to allow them time to work
on it...they didn't seem to respond. Go figure...

> You don't ahve to tell
> them all the ctrl-K, etc stuff, just the basic situation.

Just to clarify, I was passing on a method to do this without having to type
1200 characters (I'm not going to count!) in a row or without simply holding
down a letter key for a few minutes...but they would have the same effect.
simply holding down on a letter for a few minutes will still override the
security...

The good news is that this is only a problem for physical attacks on a
computer and does not cause problems for security from remote attacks. But
it should still be fixed and until then be forewarned...to be safe log out
and then back in when you have concerns, this will be a safer option...

Cheers,

Richard
--