[Differential] [Commented On] D797: Require user to authenticate when trying to change lock screen settings

mak (Matthias Klumpp) noreply at phabricator.kde.org
Tue Jan 12 18:34:29 UTC 2016


mak added a subscriber: mak.
mak added a comment.

In https://phabricator.kde.org/D797#15210, @davidedmundson wrote:

> This breaks every user's backup script by having root files in the user's home. So I am very much not happy with this idea at all.
> Especially as it achieves very little anyway, if you have a malicious app on your system - why on Earth does it want to modify your lock screen settings when it has access to everything the user has already?
>
> We want to sandbox apps that might misbehave from the user, not elevate user processes above the user.


I must agree with David on this; generally, having root own files in /home is a terrible idea.
One solution that might work is to move the whole configuration file out of home and into `/etc/kde/plasma-screenlocker/<username-or-uid>/config` and have the KCM write to that file and have the screenlocker read information from there. It's still a hack, but I think it's a better one than having root fiddle with stuff in /home.
On the general use case, I think it really adds just marginal additional security, and personally I would ignore this particular attack vector with the same reasoning @davidedmundson already outlined. On the other hand though, every bit of additional security might be a good thing, and a fully-sandboxed world won't happen on the Linux desktop within the next years, so if a good solution can be found, we should use it.


REPOSITORY
  rKSCREENLOCKER KScreenLocker

REVISION DETAIL
  https://phabricator.kde.org/D797

To: graesslin, bshah, colomar, davidedmundson
Cc: mak, plasma-devel

