On Fri, Mar 07, 2008 at 11:15:22AM +0000, Darren J Moffat wrote: > Brian Cameron wrote: > >Nicolas: > > > >>On Thu, Mar 06, 2008 at 03:35:01PM -0600, Brian Cameron wrote: > >>>So really this PAM issue is a non-issue. We just need to make it > >>>possible to configure gnome-screensaver this way to move forward. > >>>Since the gnome-screensaver author loves D-Bus, I suspect he would > >>>want the IPC communication mechanism to be D-Bus, which seems > >>>reasonable. > >>IPC for what? > > > >Communication between the lock screen GUI running as the user, and > > The GUI shouldn't be running as the user though. The input and output > is through the GUI and that means it has to be trusted and is in fact > part of the Trusted Path. That doesn't mean it needs to run with > privileges(5) but it shouldn't be running as the user.
It can run as the user -- it just shouldn't be traceable by the user. And does the screen lock program really need to use gtk? I mean, it's a rather simple (from an X11/GUI p.o.v.) application.
