[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 Pedro V changed: What|Removed |Added CC||voidpointertonull+bugskdeor ||g...@gmail.com --- Comment #12 from Pedro V --- Isn't this mostly a duplicate of the significantly older Bug 336369, or is this supposed to be Bug 336369 + Bug 392798 ? Generally it seems like fragmentation of discussion isn't ideal as in the end whether the operation is initiated with a HID device or with an ACPI event, the problem is the security consideration. Regarding the security aspect, for those with not much imagination I'd recommend to envision a setup where only a keyboard and a mouse is available to the user, the host itself isn't in reach. There are other possible setups, and even if they aren't the most common, one of the charms of KDE is usually striking a quite okay balance between security and convenience with default settings, and covering a lot of use cases with settings. It's definitely interesting though that in this case there seems to be really just a regression in convenience instead of improvement in security: - Not sure if it's a result of me enabling hibernation with overly permissive configuration a while ago, but hibernate and sleep options are present for me by default which are not as bad as shutdown and restart, but can be still disruptive - Initiating user switching really still present restart and shutdown options as of Plasma 5.27.8, and they do work, so there was no security improvement, just some obfuscation I generally do agree with the idea that most setups are likely to be single user, so this is a low priority issue, but I can envision a single checkbox option controlling whether these controls should be available without authentication covering common needs: - Single user setups could have convenient controls - Multi-user / more secure setups would still need to login first, but would have the desired security It's likely a good idea though to revert the change that ended up being just security through obscurity, both confusing a lot of users thinking a feature is missing, and also giving the false sense of security. -- You are receiving this mail because: You are watching all bug changes.
[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 Graham Perrin changed: What|Removed |Added CC||grahamper...@gmail.com -- You are receiving this mail because: You are watching all bug changes.
[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 soredake changed: What|Removed |Added CC|broaden_acid002@simplelogin | |.com| -- You are receiving this mail because: You are watching all bug changes.
[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 Nate Graham changed: What|Removed |Added Severity|normal |wishlist -- You are receiving this mail because: You are watching all bug changes.
[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 --- Comment #11 from Nate Graham --- That's already tracked with Bug 392798. -- You are receiving this mail because: You are watching all bug changes.
[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 --- Comment #10 from Pepe Mandioca --- I want to suggest another way to solve this problem that sidesteps the password vs physical access issue. So ok, don`t show shutdown/etc buttons in the lockscreen since these can be clicked accidentally/maliciously. Since I think we call all agree that physical access to the power/sleep buttons computer give users the ability to force a shutdown, why not do it gracefully. Therefore if the user presses the shutdown/sleep buttons _while in the lock screen_, **respect** the behavior of these buttons as per the energy savings settings; ie, show the shutdown prompt or shutdown/reboot/sleep accordingly. So instead of entering a password, you just press a button which is much faster (and possibly an extra enter to confirm depending on power saving options as mentioned above). Also, shutdown buttons are generally designed to prevent accidental presses, which gives an extra layer of convenience. @avlas proposal is also viable for remote sessions, but I think it does not really address the issue. PD: On Kubuntu 20.04, kded5 5.68.0, the workaround described by @Rog131 still works, so I can still shutdown by clicking "switch user" then "shutdown". Also, installing polkit-* no longer provides a workaround. -- You are receiving this mail because: You are watching all bug changes.
[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 Murz changed: What|Removed |Added CC||mur...@gmail.com -- You are receiving this mail because: You are watching all bug changes.
[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 ruruoli changed: What|Removed |Added CC||maniikarab...@protonmail.ch -- You are receiving this mail because: You are watching all bug changes.
[kscreenlocker] [Bug 390634] Possibility to shutdown/reboot/hibernate system from lockscreen
https://bugs.kde.org/show_bug.cgi?id=390634 Nate Graham changed: What|Removed |Added Summary|Possibility to |Possibility to |shutdown/hibernate system |shutdown/reboot/hibernate |from lockscreen |system from lockscreen Status|REOPENED|CONFIRMED Blocks||336369 --- Comment #9 from Nate Graham --- I recall during our discussion in Valencia that we agreed restart and shutdown would be needed too--particularly for the case of PlaMo, where being able to shut down or reboot your phone from the lock screen is a requirement. Referenced Bugs: https://bugs.kde.org/show_bug.cgi?id=336369 [Bug 336369] Lock screen: power actions (sleep, shut down, restart) are missing -- You are receiving this mail because: You are watching all bug changes.
