Am 2017-03-05 09:32, schrieb René J. V. Bertin:
Kai Uwe Broulik wrote:
Turn the screen off. Problem solved.
Sure, that's why I use computers, to have to remember myself to do
everything by
hand... I'd suggest to remove all current hooks into power management
too if
that's the prevalent mindset - just turn the computer off. Problem
solved.
At least that'll work with laptops and all-in-ones too.
O-)
I'll keep using xscreensaver but may come back to that topic after some
more
testing.
Given what you want to have I strongly suggest to stick to xss. We will
definitely not add back support for xss hacks nor for starting the
locker without requiring password. If you want those two features stay
with xss. As an alternative you can write a dedicated application to do
this just without any authorization. Just a fullscreen application
rendering the xss hack.
For anyone wondering: I want to keep the Lockscreen as stupid and simple
as possible. It has two tasks: preventing unauthorized access to the
system and to be secure. Xss hacks violate both these conditions. The
possibility to not require a password clearly violates the preventing
unauthorized access condition. And xss hacks in general complicate the
setup so that guaranteeing the secure aspect becomes difficult. There
are xss hacks which also violate the unauthorized access condition by
using the desktop in a distorted way. That is something our Lockscreen
architecture prevents. To support this we would have to add a backdoor
to the architecture. So overall absolutely not acceptable.
Also on kde4 times the xss hacks to a completely different code path -
basically two different applications.
Cheers
Martin