This thread got a little lost at the end of the year (happy New Year everyone!), I wanted to try to summarize my understanding (to see if I'm understanding right) and to see if everyone agrees :) Issue: The Sun folks want to have a trusted path of processes talking to PAM, which basically means processes that can't load user specified modules. This would include things like GTK+ themes, image loaders, etc. Plan: Create a DBUS interface to service that would actually be the person controlling whether the display is unlocked. Likely this would run under the GDM user. The permission aspect could be controlled via something like PolicyKit. Is that the idea in a nutshell? --Ted
Attachment:
signature.asc
Description: This is a digitally signed message part