[Xfce-bugs] [Bug 10581] When hibernating, xfce request for password is hidden behind the hibernate dialog.

bugzilla-daemon at xfce.org bugzilla-daemon at xfce.org
Mon Dec 1 14:39:19 CET 2014


https://bugzilla.xfce.org/show_bug.cgi?id=10581

--- Comment #5 from Guido Berhoerster <gber at opensuse.org> ---
(In reply to Steve Dodier-Lazaro from comment #4)
> From a security perspective, we should be able to guarantee that we take the
> user from the Xfce shutdown dialog where they clicked to the proper
> PolicyKit agent asking for their password, rather than just let any dialog
> come up and ask for passwords. This is rather hard if we don't control the
> PolicyKit agent in use.

Yes, if you want to address this properly, you'd need to integrate a polkit
agent into xfce4-session. Given current manpower some simple workaround is
probably the best we can do right now and I'm happy at least someone takes care
of that.

> We can't do much about malware creating modal spoofs of the polkit agent
> (this is an impossible problem under X11) but can we at least wait until we
> know the agent is done spawning before releasing modality on the Xfce dialog?

It is not an impossible problem under X11 but it requires tight integration
with supporting security features of the underlying OS, e.g. Trusted Solaris
addressed this problem years ago.
But given the current state of affairs it is impossible for the Log-Out dialog
to know when the polkit agent's window is mapped since it is DBus activated.
Apart from that, neither of the dialogs is really "modal" anyway so this does
not change anything in terms of security.

> Question: does the Xfce shutdown dialog need to be re-displayed after a
> successful / failed interaction with the agent? Or do we consider that the
> agent is in charge of providing feedback on the outcome of the user clicking
> on "Hibernate"? Maybe it's better to just remove the dialog at this point.

Re-displaying it seems kind of pointless, we could pop up an error like when
e.g. session management blocks logout/shutdown/reboot if we don't just want to
hope for the best that the polkit-agent provides reasonable feedback.

-- 
You are receiving this mail because:
You are the assignee for the bug.

