[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [E-devel] Desklock
On Tue, 28 Feb 2006 10:59:27 -0800 (PST) Eric Sandall <email@example.com> babbled:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On Tue, 28 Feb 2006, Aleksej Struk wrote:
> > The feature is still under development. Actually, the unlocking
> > through the user system wide password will be implemented too.
> > For now, the personal desklock password is, more or less, a temporal
> > feature.
> As I'm not the one coding this I probably don't have much input ;),
> but IMO the only password allowed should be the already setup user
> password, not Yet Another Password that the user has to define and
> remember (though they could use the same password as their account
> password, but then that opens up 'security' issues with who gets
> access to where this password is stored, is it encrypted, etc.).
the problem is - to handle the "user password" is a massive pain in the arse. you need to use PAM or getpwent() and this presents some serious problems. what if your user account details live in an ldap db? sure - pam wraps this and handles it, but now we bind ourselves to pam - which is a bit problematic to use in a portable way even between linux distributions.
also note - this is no worse than leaving your desktop unlocked and someone walking by and going "rm -rf ~/*" in a terminal. if you walk away from your machine and leave it unlocked - it's fair game for ANYTHING. someone locking it with a pw u don't know is fairly harmless compared to other things they can do.
> - -sandalle
> - --
> Eric Sandall | Source Mage GNU/Linux Developer
> firstname.lastname@example.org | http://www.sourcemage.org/
> http://eric.sandall.us/ | SysAdmin @ Inst. Shock Physics @ WSU
> http://counter.li.org/ #196285 | http://www.shock.wsu.edu/
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v18.104.22.168 (GNU/Linux)
> -----END PGP SIGNATURE-----
> This SF.Net email is sponsored by xPML, a groundbreaking scripting language
> that extends applications into web and mobile media. Attend the live webcast
> and join the prime developer group breaking into this new coding territory!
> enlightenment-devel mailing list
------------- Codito, ergo sum - "I code, therefore I am" --------------
The Rasterman (Carsten Haitzler) email@example.com
Tokyo, Japan (東京 日本)