On Fri, Sep 19, 2008 at 2:50 PM, Gustavo J. A. M. Carneiro <[EMAIL PROTECTED]> wrote: > On Fri, 2008-09-19 at 13:09 +0200, Patryk Zawadzki wrote: >> I believe the goal is to use some uncatchable keyboard sequence a'la >> Windows' secure auth (Ctrl+Alt+Del). > This is kind of silly; I have to type a complex keyboard combination in > order to input a password? That is annoying. Additionally, switching > VTs in Linux is usually slow; more annoyance. Expect some resistance on > this "feature".
It's not for regular users, it's for environments with strict security policies and is the only way to ensure you are not typing the password into a spoofed prompt. The idea is to ask the user to manually invoke a "system break" that can't be captured programmatically to guarantee that the password prompt served by the underlying system, not by some random program (all non-privileged app GUIs are hidden for the time and all the grabs are temporarily disabled). I hope you understand that user-initiated super-grab is the only secure way to input anything (remember you have no control over other processes running in the userspace and have to assume they are all malicious). -- Patryk Zawadzki _______________________________________________ desktop-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/desktop-devel-list
