Em dom 30 mar 2014, às 21:40:36, Thomas Lübking escreveu: > On Sonntag, 30. März 2014 20:53:01 CEST, Thiago Macieira wrote: > > Em dom 30 mar 2014, às 19:38:14, Thomas Lübking escreveu: > >> Unlocking via a dbus command [that requires password authentication] is > >> imo very problematic [because that will end up exposing the password > >> on-disk] > > > > How does the password end up on disk? > > One of the use-cases in the linked bug is to invoke this by pam_usb or some > bluetooth script. If the dbus call would require a password, the script > could end up looking like > qdbus org.kde.kscreenlocker unlock 1ns3cur3
Don't pass the password via D-Bus. The call should just be: qdbus org.kde.kscreenlocker unlock > The development situation is special and actually what i had in mind when > saying > > any way to circumvent authentication to this very session should be > guarded by a special "knowwhatido" key [or require active authentication] I've already authenticated by logging in, even if in another terminal. Just unlock the session already. -- Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org Software Architect - Intel Open Source Technology Center PGP/GPG: 0x6EF45358; fingerprint: E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358