Linux – Can a locked gnu screen session terminal be accessed


One of the functions of GNU Screen is to lock the screen.

The man page says this:

lockscreen

Lock this display. Call a screenlock program (/local/bin/lck or /usr/bin/lock or a builtin if no other is available). Screen does not accept any command keys until this program terminates. Meanwhile processes in the windows may continue, as the windows are in the `detached' state. The screenlock program may be changed through the environment variable $LOCKPRG (which must be set in the shell from which screen is started) and is executed with the user's uid and gid. Warning: When you leave other shells unlocked and you have no password set on screen, the lock is void: One could easily re-attach from an unlocked shell. This feature should rather be called 'lockterminal'.

If I log in to a Linux console, start screen, lock the session and then walk away, is there any way a person will be able to quit out of screen and use the system under my credentials? The above section from the man page isn't entirely clear to me. Assume that the attacker has no other access to the system and that they won't reboot the system.

Best Answer

Nope, you're safe.

If I had to guess about what you found confusing about the man page, I'd say it was the warning part. What they are trying to say is that it isn't the screen session itself that is locked, but that instance on that specific terminal. If you have left shells where the attacker can start screen as your user, they can get access to what you have running in the locked screen.

I'm not sure why this is a scenario though. If it's a server, why don't you just log in using SSH? If it's a desktop machine, why don't you run xlock instead?
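The condition the man page warning describes (another login for the same user plus no screen password) can be checked before walking away. The following is an added example, not part of the original question or answer; the function names are hypothetical, and it assumes the password would be configured with a `password` line in a screenrc file such as ~/.screenrc.

```shell
#!/bin/sh
# Added example: flag the case the man page calls a "void" lock.
# Heuristic only: it cannot tell whether another login is itself locked,
# and a password set at runtime inside screen does not appear in the screenrc.

# Print the other terminals USER is logged in on, given `who` output on stdin.
other_ttys() {  # usage: who | other_ttys USER CURRENT_TTY
    awk -v u="$1" -v cur="$2" '$1 == u && $2 != cur { print $2 }'
}

# Succeed if FILE has an active `password` line with a value.
# Commented lines and `password none` (checking disabled) do not count.
screenrc_has_password() {  # usage: screenrc_has_password FILE
    [ -r "$1" ] && awk '$1 == "password" && NF >= 2 && $2 != "none" { f = 1 }
                        END { exit !f }' "$1"
}

# Print "void" when another login exists and no screen password is configured,
# "ok" otherwise.
lock_status() {  # usage: who | lock_status USER CURRENT_TTY SCREENRC
    ttys=$(other_ttys "$1" "$2")
    if [ -n "$ttys" ] && ! screenrc_has_password "$3"; then
        echo void
    else
        echo ok
    fi
}

# Constructed sample `who` output: alice on the locked console and on pts/3.
SAMPLE_WHO='alice    tty1         2024-01-01 09:00
alice    pts/3        2024-01-01 09:05 (192.0.2.10)
bob      pts/4        2024-01-01 09:10 (192.0.2.11)'

# The screenrc path below is a placeholder that does not exist, so this prints "void".
printf '%s\n' "$SAMPLE_WHO" | lock_status alice tty1 /nonexistent/screenrc
```

On a real system, replace the sample with `who | lock_status "$USER" "$(basename "$(tty)")" "$HOME/.screenrc"` when logged in on a console such as tty1.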