Peter Tobias <tobias@et-inf.fho-emden.de> writes: > Setting the binary to 2755 root.shadow is only necessary if the > program will be run by normal users. Programs that are only started > by root (for example system daemons) can (and should) be 755 root.root. Yes, of course. And then it's not necessary to switch euids. xlockmore is clearly in the former category though. Guy