Am Wed, 19 May 2010 15:07:09 -0700 schrieb "Octavio Alvarez" <[email protected]>:
> Yes, but this should be a service of the Window Manager and/or the > X server. Otherwise, it is also a security risk. Agreed. Jamie Zawinsky already pointed out, that this is a serious lack of the X11 system. The WM is not the right place to implement or to control security grabs: The WM might implement it wrong or have other bugs. Please take a careful read of <http://www.jwz.org/xscreensaver/toolkits.html> Also note the date, Jamie wrote that in 2004, and as it happens a few months ago gnome-screensaver happened to suffer from exactly the problems outlined there (you could kill the screensaver/lock simply by keeping the Return key pressed, causing some bug in GTK to tigger, crashing the screensaver daemon, thus taking down the lock). The clean solution would be some X extension for exclusive screen access (and a own magic cookie maybe) i.e not just a grab, but the ability to place a fullscreen window on top of everything else, with it's own subwindow manager and stuff. The screensaver daemon would then be responsible for managing that exclusive overlay window, running graphic hacks and a separate, crashable password entry program therein. But with the current X system this is not possible, so the screensaver daemon must grab all input and provide a properly audited, bugfree unlock dialog. Wolfgang _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
