Re: 3.6 Feature: Lock Screen

From: Tomas Frydrych <tf+lists gnome r-finger com>
To: desktop-devel-list gnome org
Subject: Re: 3.6 Feature: Lock Screen
Date: Thu, 26 Apr 2012 23:41:10 +0100

Hi,

On 25/04/12 23:38, Marina Zhurakhinskaya wrote:
> Technically, the code for fading out the screen and displaying the
> lock screen when the user becomes active again will be added to GNOME
> Shell, and the gnome-screensaver will no longer be used. 

There are security implications of this proposed change. In the event
the Shell crashes, you cannot make any assumptions, and therefore any
guarantees, about how much of the state will be recovered, and hence
that lock will not be compromised. Even if the Shell does restart
successfully, the content of the desktop is visible for the time it
takes the Shell to restart, which is by no means negligible.

Considering how often Mutter crashes (I see about 3-4 crashes an hour),
the WM is a completely unsuitable process to be endowed with any
security responsibilities. I think the screen lock needs to remain a
separate process with a singular focus rather yet another thing for the
WM to deal with.

Tomas

Follow-Ups:
- Re: 3.6 Feature: Lock Screen
  - From: Jasper St. Pierre

References:
- 3.6 Feature: Lock Screen
  - From: Marina Zhurakhinskaya

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]