Re: WM enhancements to support accessible screen lock



On Tue, 2003-09-30 at 15:57, Lubos Lunak wrote:
...
> > Grabbing the input is actually useless too, if by that you mean normal
> > XGrabs (they offer very little security, contrary to some people's
> > common notion).
> 
>  That's news to me (well, I said I'm not a security person). What's the 
> problem with grabs?

Grabs don't prevent snooping via other X API; for instance xspy can
snoop keyboard input while the keyboard is grabbed by another client. 
Similarly there's more than one way to sniff the mouse via Xlib or XKB
while a grab is in progress.  The 'holes' aren't so convenient that they
make a good accessibility workaround, but they mostly negate the
security of grabs.

If anybody other than the person who locked the display can connect to
the DISPLAY, then security is pretty thoroughly compromised.  If the
issue is protecting onscreen data from prying eyes and fingers while the
end-user is having a coffee break, the WM's ability to manage focus is
IMO sufficient.

- Bill
> 
> -- 
> Lubos Lunak
> KDE developer
> ---------------------------------------------------------------------
> SuSE CR, s.r.o.  e-mail: l lunak suse cz , l lunak kde org
> Drahobejlova 27  tel: +420 2 9654 2373
> 190 00 Praha 9   fax: +420 2 9654 2374
> Czech Republic   http://www.suse.cz/
> 
> _______________________________________________
> wm-spec-list mailing list
> wm-spec-list gnome org
> http://mail.gnome.org/mailman/listinfo/wm-spec-list





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]