[Differential] [Request, 260 lines] D797: Require user to authenticate when trying to change lock screen settings
graesslin (Martin Gräßlin)
noreply at phabricator.kde.org
Tue Jan 12 12:52:44 UTC 2016
graesslin created this revision.
graesslin added reviewers: bshah, davidedmundson.
graesslin added a subscriber: plasma-devel.
REVISION SUMMARY
The idea behind this change is to make it impossible for a malicious
process to just disable the lock screen. To achieve that, modifying the
lock screen settings is denied for the normal user. When the user wants
to modify the settings, a KAuth helper is required.
The security is done by setting the config file to immutable. That way
a non-root process is no longer able to modify the file. Neither write
to it, nor rename it or delete it.
The KAuth helper removes the immutable flag, writes the changes and
sets the immutable flag again. If the file doesn't exist, it creates
it, changes ownership to the owning user and performs the normal
action.
The KAuth helper performs various tasks to ensure the security:
* validates that neither config directory, nor the config file are
symlinks
* validates that config directory and config file are owned by the
user
* only writes the known values
REPOSITORY
rKSCREENLOCKER KScreenLocker
BRANCH
authorize-config-changes
REVISION DETAIL
https://phabricator.kde.org/D797
AFFECTED FILES
CMakeLists.txt
auth-helper/CMakeLists.txt
auth-helper/kscreenlocker.actions
auth-helper/kscreenlockerauthhelper.cpp
auth-helper/kscreenlockerauthhelper.h
kcm/kcm.cpp
To: graesslin, bshah, davidedmundson
Cc: plasma-devel
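
The first two helper checks listed in the revision summary (no symlinks, owned by the user), as an added example; this is not code from the KScreenLocker patch, and `validateConfigTarget`, `Check` and the parameter names are hypothetical.

```cpp
// Added illustration, not KScreenLocker's helper. All names are hypothetical.
#include <cerrno>
#include <fcntl.h>
#include <string>
#include <sys/stat.h>
#include <unistd.h>

enum class Check { Ok, DirRejected, DirNotOwned, FileMissing, FileRejected, FileNotOwned };

// Validate a config directory and file on behalf of user `owner` before a
// privileged helper touches them.
Check validateConfigTarget(const std::string &dirPath, const std::string &fileName, uid_t owner)
{
    // The file name must be a single path component, never a relative path.
    if (fileName.empty() || fileName.find('/') != std::string::npos)
        return Check::FileRejected;
    // O_NOFOLLOW: fail if dirPath itself is a symlink; O_DIRECTORY: must be a directory.
    int dirFd = open(dirPath.c_str(), O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (dirFd < 0)
        return Check::DirRejected;
    struct stat st;
    Check result = Check::Ok;
    if (fstat(dirFd, &st) != 0 || st.st_uid != owner) {
        result = Check::DirNotOwned;
    } else {
        // Resolve the file relative to the directory already held open, so a
        // later swap of dirPath cannot redirect the check.
        int fd = openat(dirFd, fileName.c_str(), O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
        if (fd < 0) {
            // ENOENT: the helper would create the file; anything else (e.g. a symlink) is refused.
            result = (errno == ENOENT) ? Check::FileMissing : Check::FileRejected;
        } else {
            if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode))
                result = Check::FileRejected;
            else if (st.st_uid != owner)
                result = Check::FileNotOwned;
            close(fd);
        }
    }
    close(dirFd);
    return result;
}
```

A helper built this way would keep working on the descriptors it has already checked instead of reopening the file by path, since a path can change between the check and the write.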