Open pixelherodev opened 6 years ago
That might be a security risk, as a malware installer or malicious user on a multiuser system could potentially exploit it to allow unlocking a locked session of another user.
What if it's run in a sandbox? Could use e.g. firejail to prevent that from happening.
From: lukefromdc notifications@github.com Sent: Sunday, April 29, 2018 6:52:36 PM To: mate-desktop/mate-screensaver Cc: pixelherodev; Author Subject: Re: [mate-desktop/mate-screensaver] Feature request: arbitrary command execution (#154)
That might be a security risk, as a malware installer or malicious user on a multiuser system could potentially exploit it to allow unlocking a locked session of another user.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/mate-desktop/mate-screensaver/issues/154#issuecomment-385272779, or mute the threadhttps://github.com/notifications/unsubscribe-auth/AJ3Qs5ivq4yZm2FG44ltcqy4bR7Zo6WKks5ttgv0gaJpZM4Tru36.
I know little about sandboxing and exploits to jump out of sandboxes so not qualified to pass judgement on that.
Can't you create an actual screensaver for mate-screensaver instead ?
If I had any experience with GTK, probably.
I'd like to request the ability to run any program as the screensaver. This would be useful for e.g. projectM-pulseaudio, or a custom screensaver program.