ubuntu-phone team mailing list archive
-
ubuntu-phone team
-
Mailing list archive
-
Message #06779
Re: Sharing dynamic informations between the user session and the greeter
On 14-03-06 12:19 PM, Sebastien Bacher wrote:
> Hey everyone,
>
> That's a topic that has been discussed between different groups of people
> recently, on merge requests [1] and bug reports, and it feels like we should
> have the discussion on a common place/together, to decide what is best, and all
> do the same thing.
>
> Summary of the issue:
> - in unity8 we use the greeter as a lock screen
> - we want to have informations from the users available on the lock screen
> ("currently playing song" for example)
> - we need a way to get those informations from the session to the greeter
>
> We are currently using accountsservice to store "static" informations (e.g the
> background image for the user), that's needed because the user might not be
> logged/the directory not available to get the information otherwise. The case we
> are speaking about there is different and concerns "dynamic" informations (e.g
> the song currently playing in the user sessions)
>
> We have some solutions which have been suggested:
>
> 1. using accountsservice there as well, maybe adding support for "volatile"
> informations which wouldn't get store.
>
> That's the first suggestion made and some people started work using that
> approach. It feels suboptimal though, since it involves making 2 running
> processes talk by using a third process as proxy (which was not designed for
> that usecase).
>
>
> We discussed it a bit on #ubuntu-desktop and came with those possible solutions
> as well
>
>
> 2. get lightdm to connect to the user-session bus and send back selected
> informations to the greeter.
>
> That seems like the most flexible/powerful solution, giving access to the user
> session might be a concern for security though.
>
>
> 3. having a subdirectory in the user's XDG_RUNTIME_DIR, which is visible to the
> greter via a privileged protocol in lightdm (lightdm opening files and sending
> content, or using fds are possible options)
>
> that should do the job, be easy enough and not risk exposing too much from the
> user session
>
>
> Robert, what do you think of 2 and 3 from a lightdm perspective? Would you be
> happy to add support for one of those?
#2 and #3 seem like the wrong approach to me from a security point of view. What
you really want is a user process sending information to a privileged process,
not the other way around.
Marc.
References