[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Making a modal window

On 12/9/18, Dan Ritter <dsr@randomstring.org> wrote:
> J.Arun Mani wrote:
>> Hello,
>> I'm making a project(using Python3) which opens whenever someone opens
>> their computer (assume Linux-Debain based) and asks them some details. The
>> user should not be allowed to use the computer without giving the details.
>> The project is based on GTK3 and is for Debian based OS. I need help in
>> the following-
>> How can I make the application modal? That is, make sure that the user
>> cannot access any thing in desktop without giving the details (the
>> application is a compulsory one, thus one should not be able to close or
>> minimise it).
>> I researched on this a bit and found the answers leading to Desktop
>> Managers. But I'm stuck how to start with them. So need some help here.
> What degree of sophistication are you trying to guard against?
> For example, if you need to guard against a six-year-old, it's
> sufficient to make your program run before the window manager,
> and only start a window manager if it is happy.
> If you need to guard against a high-school student, you will need to
> put the computer in an inaccessible room and only offer access via a
> remote keyboard, mouse and screen. You'll need to disable ctrl-alt-delete
> processing to prevent reboots, and ctrl-alt-Fx console
> switching.
> Maybe you should discuss your threat model in more depth.

What about either of these (basically only info gained via "apt-cache
search two step auth"):

libpam-google-authenticator - Two-step verification
ruby-saml - SAML toolkit for Ruby on Rails

Yes, I do understand they're likely not appropriate as they stand, but
maybe viewing their various files will lend some help.
libpam-google-authenticator KIND OF sounds like it's regularly
variable, but that might just mean I misunderstood its description,
not to mention its usage with which I'm not familiar.

Playing around with the keyword "saml" (Security Assertion Markup
Language?) led to more things (that led to still MORE other things).
Most notably *for me* was "keystone". Overall this became an
interesting, ever expanding topic that makes me scratch my own head as
to why a simple password login wouldn't suffice... unless this is
maybe a class project.

Then again... With an easily variable authentication, I could see both
parties having access to where the admin changes the entry key such
that the child, for example, must come forward every time to ask to
borrow that key to play online. With so many children being hurt via
their online presence, it's a great idea... *IF* one can find a method
such that other tech-savvy children can't teach one's own kids how to
override it during those every times... :D

Cindy :)
Cindy-Sue Causey
Talking Rock, Pickens County, Georgia, USA

* runs with birdseed *

Reply to: