ubuntu-phone team mailing list archive

Thread
Date

Re: Sharing dynamic informations between the user session and the greeter

To: ubuntu-phone@xxxxxxxxxxxxxxxxxxx
From: Marc Deslauriers <marc.deslauriers@xxxxxxxxxxxxx>
Date: Thu, 06 Mar 2014 12:58:34 -0500
In-reply-to: <5318AE10.5030102@ubuntu.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0

On 14-03-06 12:19 PM, Sebastien Bacher wrote:
> Hey everyone,
> 
> That's a topic that has been discussed between different groups of people
> recently, on merge requests [1] and bug reports, and it feels like we should
> have the discussion on a common place/together, to decide what is best, and all
> do the same thing.
> 
> Summary of the issue:
> - in unity8 we use the greeter as a lock screen
> - we want to have informations from the users available on the lock screen
> ("currently playing song" for example)
> - we need a way to get those informations from the session to the greeter
> 
> We are currently using accountsservice to store "static" informations (e.g the
> background image for the user), that's needed because the user might not be
> logged/the directory not available to get the information otherwise. The case we
> are speaking about there is different and concerns "dynamic" informations (e.g
> the song currently playing in the user sessions)
> 
> We have some solutions which have been suggested:
> 
> 1. using accountsservice there as well, maybe adding support for "volatile"
> informations which wouldn't get store.
> 
> That's the first suggestion made and some people started work using that
> approach. It feels suboptimal though, since it involves making 2 running
> processes talk by using a third process as proxy (which was not designed for
> that usecase).
> 
> 
> We discussed it a bit on #ubuntu-desktop and came with those possible solutions
> as well
> 
> 
> 2. get lightdm to connect to the user-session bus and send back selected
> informations to the greeter.
> 
> That seems like the most flexible/powerful solution, giving access to the user
> session might be a concern for security though.
> 
> 
> 3. having a subdirectory in the user's XDG_RUNTIME_DIR, which is visible to the
> greter via a privileged protocol in lightdm (lightdm opening files and sending
> content, or using fds are possible options)
> 
> that should do the job, be easy enough and not risk exposing too much from the
> user session
> 
> 
> Robert, what do you think of 2 and 3 from a lightdm perspective? Would you be
> happy to add support for one of those?

#2 and #3 seem like the wrong approach to me from a security point of view. What
you really want is a user process sending information to a privileged process,
not the other way around.

Marc.

References

Sharing dynamic informations between the user session and the greeter
From: Sebastien Bacher, 2014-03-06