Forbid more syscalls. An malicious theme could create directories with the
password as name, or encode the password in chmod bits. Also, prevent
deleting anything, so a theme can't delete the users files.
Details
Details
- Autotests run fine
- Started sceenlocker, unlocked, created a new session. Got no seccomp violations in dmesg and everything worked fine.
- Didn't test it with the nvidia driver
Diff Detail
Diff Detail
- Repository
- R133 KScreenLocker
- Lint
Automatic diff as part of commit; lint not applicable. - Unit
Automatic diff as part of commit; unit tests not applicable.
Comment Actions
Hello,
It seems this commit doesn't seem to build on arm64 properly: https://build.neon.kde.org/job/xenial_unstable_plasma_kscreenlocker_bin_arm64/1/console
I don't exactly understand what's going on.
Comment Actions
Sorry for beein inactive for some time, real life was busy...
I'm not sure what happens here as well. I guess that arm64 doesn't implement many syscalls. I will prepare a patch to exclude those syscalls if they're not available.