> This is good.  But what if a user program want's to validate his/her
> own password?  Shouldn't this return a valid password entry if the
> requested uid is the same as the effective uid, or effective uid is 0?
> Currently, this breaks the new xlock (xlockmore).

I believe the general theory here is that different subsystems should use
*different* passwords; it is, by this light, an _error_ that xlock wants
to use the login password.  After all, the same key doesn't open your car
and your home, does it?

------------------------------------------------------------------------------