| Rich Freeman on 5 Sep 2012 05:53:21 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] BackDoor.Wirenet.1 |
On Wed, Sep 5, 2012 at 8:39 AM, Rich Freeman <r-plug@thefreemanclan.net> wrote: > Applications like pinentry (usually used by gpg agents and such) do > use secure mode, which is why their dialogs behave funny. They also > tend to lock their memory and employ other tactics to safeguard their > input. Hate to self-reply, but I just thought of a scenario and I don't know if it would work or not. X11 screen savers are just running on the same X server, so it might be possible to grab their keyboard input, which usually includes the unix password. I don't know if typical screensaver implementations grab the keyboard focus. In general I'd say the screen-savers only work at all about half the time from what I've seen, and they may or may not even blank my screen when they display their password dialog. I think that general unreliability of screen locks is one of the pain points that Wayland aims to address. Hopefully while they're at it they'll tackle whether it really makes sense for all clients to be able to read the input of all other clients by default. Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug