Security Audit Request for Screenlocker Branch
Martin Gräßlin
mgraesslin at kde.org
Tue Oct 11 17:07:16 BST 2011
On Tuesday 11 October 2011 17:47:13 you wrote:
> Am Tue, 11 Oct 2011 17:00:46 +0200
>
> schrieb Martin Gräßlin <mgraesslin at kde.org>:
> > that is a good suggestion. I will think about how I can add that.
> > Though if someone breaks by crashing kwin he is also able to remove
> > any log. So this could be just snakeoil.
>
> He'll be able to click away the message, yes.
>
> But unless you intend to put a file into the users $HOME ... man:syslog
> (crashing the screenlocker does not mean to raise privileges, you're
> pretty screwed in that case, but that's not a a kwin issue)
ok logging to syslog can be added, if we add a watch daemon it could go there.
Cheers
Martin
>
> Cheers,
> Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20111011/94d061d5/attachment.sig>
More information about the kde-core-devel
mailing list