[Differential] [Updated] D797: Require user to authenticate when trying to change lock screen settings

colomar (Thomas Pfeiffer) noreply at phabricator.kde.org
Tue Jan 12 19:58:29 UTC 2016


colomar added a comment.

I must say that I am not happy with this solution, either.
I agree with David: If there is a malicious process running, the lock screen is likely the least problem the user has to worry about. Why switch off lock screen and wait until I have unobserved //physical access// to a computer when I can just give myself remote access while the user is at their machine?
If we ask the password for changing any user-specific setting that could have a potential security implication (the lock screen is certainly not the only setting where a malicious application could cause a security problem), configuring your system will become quite tedious.


REPOSITORY
  rKSCREENLOCKER KScreenLocker

REVISION DETAIL
  https://phabricator.kde.org/D797

EMAIL PREFERENCES
  https://phabricator.kde.org/settings/panel/emailpreferences/

To: graesslin, bshah, davidedmundson, colomar
Cc: mak, plasma-devel


More information about the Plasma-devel mailing list