Darren J Moffat wrote:
> Brian Cameron wrote:
>> Nicolas:
>>
>>> On Thu, Mar 06, 2008 at 03:35:01PM -0600, Brian Cameron wrote:
>>>> So really this PAM issue is a non-issue. We just need to make it
>>>> possible to configure gnome-screensaver this way to move forward.
>>>> Since the gnome-screensaver author loves D-Bus, I suspect he would
>>>> want the IPC communication mechanism to be D-Bus, which seems
>>>> reasonable.
>>> IPC for what?
>>
>> Communication between the lock screen GUI running as the user, and
>
> The GUI shouldn't be running as the user though. The input and output
> is through the GUI and that means it has to be trusted and is in fact
> part of the Trusted Path. That doesn't mean it needs to run with
> privileges(5) but it shouldn't be running as the user.
How do we do this when GTK+ can't be run setuid?
http://www.gtk.org/setuid.html
--
-Alan Coopersmith- alan.coopersmith at sun.com
Sun Microsystems, Inc. - X Window System Engineering
