← Back to team overview

ubuntu-phone team mailing list archive

Re: Sharing dynamic informations between the user session and the greeter

 

On 14-03-06 01:06 PM, Thomas Voß wrote:
> On Thu, Mar 6, 2014 at 7:02 PM, Marc Deslauriers
> <marc.deslauriers@xxxxxxxxxxxxx> wrote:
>> On 14-03-06 12:19 PM, Sebastien Bacher wrote:
>>> Hey everyone,
>>>
>>> That's a topic that has been discussed between different groups of people
>>> recently, on merge requests [1] and bug reports, and it feels like we should
>>> have the discussion on a common place/together, to decide what is best, and all
>>> do the same thing.
>>>
>>> Summary of the issue:
>>> - in unity8 we use the greeter as a lock screen
>>> - we want to have informations from the users available on the lock screen
>>> ("currently playing song" for example)
>>> - we need a way to get those informations from the session to the greeter
>>
>> Wouldn't a better design be to have the lock screen in the user's session? That
>> way each user can have their own lock screen, and it can access the user's data
>> without any security issue and difficulty in transferring data between different
>> security contexts...
>>
> 
> I'm quite surprised that you don't consider that a security issue :)
> Would you mind elaborating on the reasoning why the session is safe
> enough for the lock screen?
> 
> Thomas

If it's just a lock screen, sure, it's probably better to have it as a system
process.

The problem is once you start adding a bunch of information to the lock screen,
you're moving potentially sensitive information outside of the user's session,
and outside of the user's encrypted home directory. At that point, it's a
compromise, and there are advantages and disadvantages to both.

Marc.








References