From kde-core-devel Sun Oct 09 18:02:27 2011 From: Martin =?ISO-8859-1?Q?Gr=E4=DFlin?= Date: Sun, 09 Oct 2011 18:02:27 +0000 To: kde-core-devel Subject: Security Audit Request for Screenlocker Branch Message-Id: <1492778.Pixx8xu4RD () martin-desktop> X-MARC-Message: https://marc.info/?l=kde-core-devel&m=131818338309074 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--nextPart1328464.2H5ulrlDFb" --nextPart1328464.2H5ulrlDFb Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="utf-8" Hi all, as you might know we have been working on moving the screenlocker from KRunner to KWin and passed the control to the compositor (iff compositing is active) to ensure that nothing which should not be shown gets visible. I want to request a security audit for the changes to ensure that the new implementation is as secure as the existing one and that I did not forget an important case which would compromise the security. The general concept of the new screenlocker is described in the wiki: http://community.kde.org/KWin/Screenlocker The documentation of the implementation can be found in: https://projects.kde.org/projects/kde/kde- workspace/repository/entry/kwin/screenlocker/screenlocker.h?rev=farhad_hf%2Flockscreen The code lives in the farhad_hf/lockscreen branch in kde-workspace git repository. The main new files can be found in kwin/screenlocker/screenlocker.h|cpp and in kwin/effects/screenlocker/* The authentication architecture is not changed and the code under effects/screenlocker/ is just c&p from the existing implementation. It is planned to drop the existing implementation around kscreenlocker in 4.9 completely in favor of the new implementation also in the non-composited case. Because of that I decided to c&p and not adjust the existing code to suit both implementations. Currently known limitations of the new implementation: * KNotification not working (needs to be merged with KWin's knotifyrc) * Screenlocker not able to adjust to multi screen changes while screen is locked. This needs some already planned rework in the compositor. Happy hacking Martin --nextPart1328464.2H5ulrlDFb Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEABECAAYFAk6R4bMACgkQqVXwidMiVro3kQCgoy6M9AuYKMZVdl/ComiUISdd W+gAoIdIaOObW2S52Nsj4TEUwWkXCEIN =ktga -----END PGP SIGNATURE----- --nextPart1328464.2H5ulrlDFb--