When comparing Xlockmore vs XSecureLock, the Slant community recommends XSecureLock for most people. In the question“What are the best screen-savers / screen lockers for UNIX-like systems?” XSecureLock is ranked 4th while Xlockmore is ranked 5th. The most important reason people chose XSecureLock is:
- Authentication and screen saving in separate processes so that crash of these processes will not unlock the screen. - The main process is kept minimal for easy auditing. - The main process regularly refreshes the screen grabs (just in case). - The main process regularly brings its window to the front, to avoid leaking notifications. - The main process resizes its window to the size of the root window, avoid leaking information by attaching a secondary display. - The main processes uses only a single buffer - to hold a single keystroke. Therefore it is impossible to exploit a buffer overrun in the main process by e.g. an overlong password entry. - The only exit condition of the program is the Authentication Module returning with exit status zero, on which xsecurelock itself will return with status zero; therefore especially paranoid users might want to run it as sh -c "xsecurelock ... || kill -9 -1" :)
Ranked in these QuestionsQuestion Ranking
Pros
Pro Very simple
Xlockmore is a set and forget screenlocker. To this end, there's no frontend or advanced configuration.
Pro Created by Google with security in mind
- Authentication and screen saving in separate processes so that crash of these processes will not unlock the screen.
- The main process is kept minimal for easy auditing.
- The main process regularly refreshes the screen grabs (just in case).
- The main process regularly brings its window to the front, to avoid leaking notifications.
- The main process resizes its window to the size of the root window, avoid leaking information by attaching a secondary display.
- The main processes uses only a single buffer - to hold a single keystroke. Therefore it is impossible to exploit a buffer overrun in the main process by e.g. an overlong password entry.
- The only exit condition of the program is the Authentication Module returning with exit status zero, on which xsecurelock itself will return with status zero; therefore especially paranoid users might want to run it as sh -c "xsecurelock ... || kill -9 -1" :)
Cons
Con If it crashes, it vanishes
This takes your screenlock down, rendering it not locked.