Re: security policy / root passwords
On 10/06/13 15:36, Timo Juhani Lindfors wrote:
> Simon McVittie <firstname.lastname@example.org> writes:
>> * ability to use system-modal prompting or a secure input path
>> (partially done by PK under GNOME Shell, likely to get better
>> under Wayland, not supported by sudo or su)
> Not relevant to the current discussion but this got me curious: can the
> input path really be secure under X11?
It can at least be a bit more robust against accidentally typing your
password into the wrong window (although perhaps not secure against
deliberate abuse by a malicious application) by taking an input grab,
like the various pinentry-* and ssh-askpass implementations do.
I'm not sure how far GNOME Shell goes with securing input to
system-modal dialogs, but again, the fact that it's modal makes it a bit
more robust against mistakes.