On Mon, Nov 01, 2021 at 06:53:38PM +0100, Matthieu Herrb wrote: > On Mon, Nov 01, 2021 at 12:30:19PM +0100, Landry Breuil wrote: > > Le Mon, Nov 01, 2021 at 12:15:01PM +0100, Matthieu Herrb a écrit : > > > > > > The problem I see with this approach is that it provides a tool that > > > make it possible to do brute-force password checking. > > > > > > I think that a solution where main screensaver process keeps the setgid > > > auth bit, forks a privileged child to do the password check and > > > revokes it's setgid privilege is better. But I'd like hear other > > > people on this (millert@, kn@,...) > > > > Well, i'm not going to be the one writing this code :) > > Looking in more details, you solution only allows to guess one's own > password so I retract the argument above. > > ok matthieu@ for your patch. >
Hi, did I miss something or is this still pending ? -- Matthieu Herrb