Question regarding the cashew and allow widgets on screensaver
Ryan Rix
ry at n.rix.si
Mon Jun 27 21:04:55 UTC 2011
This is a bug, and should be fixed. We've spent a fair amount of effort making
sure htat e.g. appletes cannot give unauthorized users the ability to access
the filesystem, or launch applications. The settings dialog and toolbox should
be no exception to that rule.
Please report this issue at bugs.kde.org and we will try to address it.
r
On Thu 23 June 2011 11:22:23 Rick Sewill wrote:
> I am on the latest Fedora 15.
>
> I wanted to enable "Allow widgets on screen saver".
> This choice is found in System Settings -> Display and Monitor -> Screen
> Saver
>
> Everything looked fine when I enabled "Allow widgets on screen saver",
> but ... when I have the screen saver locked, the cashew will let me select
> the "Settings" button without asking for a password.
>
> The Settings screen is hesitant to come up, but if I am persistent
> and keep trying, the Settings screen will come up.
>
> On the Settings screen, I am able to select the "Open" button.
> This lets me browse directories as if I was going to change my wallpaper.
> I can see the names of directories and files.
> This can be done without entering a password.
>
> Question please: if we must have the cashew on the screen saver screen,
> when we "Allow widgets on screen saver", is there a way to require the
> cashew to ask for a password before letting someone use the Settings
> button?
>
> Alternatively, can I make the cashew disappear from the screen saver screen?
> I installed kde-plasma-ihatethecashew-0.4-3.fc15.x86_64.
> Unfortunately, "I Hate the Cashew" is not a widget choice when I am in the
> screen saver screen trying to add widgets.
>
> I'd like to use "allow widgets on screensaver", but am hesitant.
> The screen saver, to me, "saves" wear and tear on the monitor -and-
> keeps others from seeing my files and directories without permission.
>
> It may be true, they can only see the file names, not the file contents.
> Even so, I consider this to be a security risk.
>
> _______________________________________________
> kde mailing list
> kde at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/kde
> New to KDE4? - get help from http://userbase.kde.org
--
Ryan Rix -- http://rix.si
== OpenSource.com: Where Open Source Happens! ==
_
\/"/_ All Hail the Beefy Miracle!
/_/
\ \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
Url : http://lists.fedoraproject.org/pipermail/kde/attachments/20110627/13aad82a/attachment.bin
More information about the kde
mailing list