Wayland Testing New Protocol Extension To Handle Session Locking | #linux | #linuxsecurity


Wayland Protocols 1.25 was released today as the collection of testing and stable Wayland protocols. New to Wayland Protocols 1.25 is the session-lock-v1 protocol being experimental and responsible to handle session locking.

The session-lock-v1 protocol is the main addition of Wayland Protocols 1.25 and allows for privileged Wayland clients to lock the session and display arbitrary graphics while in the locked mode. That authenticated client is responsible for handling user authentication and interfacing with the compositor for disabling the session lock when appropriate.

The Wayland session lock protocol was drafted by Isaac Freund and summed up as:

This protocol allows for a privileged Wayland client to lock the session and display arbitrary graphics while the session is locked.

The compositor may choose to restrict this protocol to a special client launched by the compositor itself or expose it to all privileged clients, this is compositor policy.

The client is responsible for performing authentication and informing the compositor when the session should be unlocked. If the client dies while the session is locked the session remains locked, possibly permanently depending on compositor policy.

It’s a rather simple protocol but hopefully will prove useful and lead to better screen locking security than the security mess of X.Org screensavers. X11/X.Org screensaver locking security has been a mess with multiple vulnerabilities over time while at least Wayland is better engineered and this new protocol will hopefully prove satisfactory though for the v1.25 release is being treated as a testing extension. The current protocol text can be read via Git.

See the Wayland Protocols 1.25 announcement for more details on the changes, but the rest of the work is mostly small fixes.



Original Source link

Leave a Reply

Your email address will not be published.

thirty − = twenty nine