jdd wrote:

Le 25/10/2011 15:41, Per Jessen a écrit :

...

Not about the software, but still a significant security issue:

https://features.opensuse.org/312876

(might apply to other window managers too, but we only use KDE).

giving the present -13 score, don't seems to be popular.

Haha, I guess we can conclude that noone is worried about security ... -- Per Jessen, Zürich (10.6°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

C wrote:

On Tue, Oct 25, 2011 at 17:52, Per Jessen wrote:

...

...

Le 25/10/2011 15:41, Per Jessen a écrit :

...

Not about the software, but still a significant security issue:

https://features.opensuse.org/312876

(might apply to other window managers too, but we only use KDE).

giving the present -13 score, don't seems to be popular.

Haha, I guess we can conclude that noone is worried about security ...

I don't think it's so much that no one is worried about security... it's more like we're thinking about general usability. The proposal is a reasonable one in the use-case you presented, but... in a more broad sense, it would be more of an annoyance to the larger population of users. The risk is negligible.

Maybe it is, but that didn't stop us installing apparmor by default. (for instance). If you ask a security expert, he or she will tell you social engineering is in fact the biggest security risk in most places. http://en.wikipedia.org/wiki/Social_engineering_%28security%29 Regardless, I was pointed to the Kiosk tool, which looks somewhat promising, Only somewhat because there seems to be some doubts about whether it works in KDE4. -- Per Jessen, Zürich (10.1°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

todd rme wrote:

On Tue, Oct 25, 2011 at 7:04 PM, Per Jessen wrote:

...

Regardless, I was pointed to the Kiosk tool, which looks somewhat promising, Only somewhat because there seems to be some doubts about whether it works in KDE4.

Kiosk is used for locking down stuff like this, kiosktool is a GUI which can control kiosk.

But do I get them both by installing kiosktoolor is kiosk installed by default? I searched on 'kiosk' with yast and only found kiosktool.

Kiosk should work fine for this purpose, you just need to manually set up rules for screensavers. These rules are supposed to work for KDE 3, you should be able to adapt them for KDE 4 by finding the proper configuration entry:

http://lists.kde.org/?l=kde-kiosk&m=112142810808206

See here for general instructions:

http://techbase.kde.org/KDE_System_Administration/Kiosk/Introduction

I don't know the state of kiosktool, but kiosktool is merely a GUI to make it easier to configure kiosk. You don't need to use kiosktool to run kiosk. If you have more questions about kiosk you should probably ask on that mailing list.

Thanks, and thanks again for mentioning it, I really had no idea it existed. -- Per Jessen, Zürich (8.2°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

On Tuesday 25 October 2011, jdd wrote:

Le 25/10/2011 17:52, Per Jessen a écrit :

...

Haha, I guess we can conclude that noone is worried about security ...

I'm very concerned by the default "log without passwd" install, but was abruptly sent out when asking why this was set up.

Hehe, that'd be real fun. Automatic login without password per default but then have to type password each 15 seconds while trying to watch a video. (Remember, only root should be able to disable screen saver but not user's video player which would be a security hole!) cu, Rudi -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org