Security Audit Request for Screenlocker Branch

Oswald Buddenhagen ossi at
Wed Oct 12 18:38:11 BST 2011

On Wed, Oct 12, 2011 at 04:47:54PM +0200, Dario Freddi wrote:
> 2011/10/12 Martin Gräßlin <mgraesslin at>:
> > ok I have been thinking about it and have a new proposal:
> > * writing a kded module to only handle the screen locking (grab keyboard and
> > mouse)
> TBH, if you really care about not making the thing crash, I would not
> put it into KDED, which has a lot of things which are not under your
> control potentially crashy, but into a separate running daemon.
my first thought, too. :}

> > * having greeter in a separate process, so that the kded module can restart
> > the greeter in case it crashes
> > * use xproperty on all greeter windows to inform the compositor which windows
> > belong to it
i'm assuming you are including the locker/saver window in "greeter

> > * use a kwin effect to additionally ensure that the screen is
> > blanked and nothing gets above the greeter windows
> >
that seems superfluous. the presence of the locker window simultaneously
indicates "locker mode" and provides "blanking content" (rendered by an
out-of-process hack and blanked in-process as a fallback). when that goes
away unexpectedly, all bets are off anyway.

More information about the kde-core-devel mailing list