graesslin created this revision.
graesslin added reviewers: bshah, davidedmundson.
graesslin added a subscriber: plasma-devel.

REVISION SUMMARY
  The idea behind this change is to make it impossible for a malicious
  process to just disable the lock screen. To achieve that modifying the
  lock screen settings are denied for the normal user. When the user wants
  to modify the settings a KAuth helper is required.
  
  The security is done by setting the config file to immutable. That way
  a non-root process is no longer able to modify the file. Neither write
  to it, nor rename it or delete it.
  
  The KAuth helper removes the immutable flag, writes the changes and
  sets the immutable flag again. If the file doesn't exist, it creates
  it, changes ownership to the owning user and performs the normal
  action.
  
  The KAuth helper performs various tasks to ensure the security:
   * validates that neither config directory, nor the config file are
     symlinks
   * validates that config directory and config file are owned by the
     user
   * only writes the known values

REPOSITORY
  rKSCREENLOCKER KScreenLocker

BRANCH
  authorize-config-changes

REVISION DETAIL
  https://phabricator.kde.org/D797

AFFECTED FILES
  CMakeLists.txt
  auth-helper/CMakeLists.txt
  auth-helper/kscreenlocker.actions
  auth-helper/kscreenlockerauthhelper.cpp
  auth-helper/kscreenlockerauthhelper.h
  kcm/kcm.cpp

EMAIL PREFERENCES
  https://phabricator.kde.org/settings/panel/emailpreferences/

To: graesslin, bshah, davidedmundson
Cc: plasma-devel
_______________________________________________
Plasma-devel mailing list
Plasma-devel@kde.org
https://mail.kde.org/mailman/listinfo/plasma-devel

Reply via email to