Brian Cameron wrote: > Nicolas: > >> On Thu, Mar 06, 2008 at 03:35:01PM -0600, Brian Cameron wrote: >>> So really this PAM issue is a non-issue. We just need to make it >>> possible to configure gnome-screensaver this way to move forward. >>> Since the gnome-screensaver author loves D-Bus, I suspect he would >>> want the IPC communication mechanism to be D-Bus, which seems >>> reasonable. >> IPC for what? > > Communication between the lock screen GUI running as the user, and
The GUI shouldn't be running as the user though. The input and output is through the GUI and that means it has to be trusted and is in fact part of the Trusted Path. That doesn't mean it needs to run with privileges(5) but it shouldn't be running as the user. -- Darren J Moffat
