Commit graph

5 commits

Author SHA1 Message Date
FRIGN
22eba05f36 Ensure Polyphemus-Mitigation and properly drop privileges
Don't hide privilege drops inside readpw() and actually make it
configurable what you are dropping to in config.h.

The privilege drop comes after opening the Display because the
user "nobody" with "nogroup" can't do that.

So why do I call this strategy the Polyphemus-Mitigation?

"""
After the giant returns in the evening and eats two more of the men,
Odysseus offers Polyphemus some strong and undiluted wine given to him
earlier on his journey. Drunk and unwary, the giant asks Odysseus his
name, promising him a guest-gift if he answers. Odysseus tells him
"Οὖτις", which means "nobody" and Polyphemus promises to eat this
"Nobody" last of all. With that, he falls into a drunken sleep. Odysseus
had meanwhile hardened a wooden stake in the fire and now drives it into
Polyphemus' eye. When Polyphemus shouts for help from his fellow giants,
saying that "Nobody" has hurt him, they think Polyphemus is being
afflicted by divine power and recommend prayer as the answer.
"""

(source: https://en.wikipedia.org/wiki/Polyphemus)
2016-09-08 00:36:45 +02:00
FRIGN
bdcbeab0d8 Clarify config.def.h
Clear up the wording a bit and explain what failonclear means.
2016-02-14 01:33:18 +01:00
Nick Currier
b1289f30b7 Option to not show failure color on clear 2015-05-08 16:44:06 +02:00
David Phillips
f2ea92c3dd Blank the screen with color 0, add third color for failed logins
- Adds another color in config.def.h, COLOR_INIT
- Renames the colours from numerical ones to ones with meaningful names;
  COLOR_INPUT for when there is content in the input buffer and COLOR_EMPTY
  for when the input buffer has been cleared (backspaced or a failed attempt).
- Ensures XFreeColors frees the right number of colours. This is now derived
  from the size of `Lock->colors` rather than being an integer literal.
- Makes slock exhibit the behaviour described by Markus

The default colours are the same as the ones slock currently uses, with the
exception of the new color, which I have set to red, as it indicates someone
has either failed an attempt to unlock, or that they have entered input and
erased it all.
2015-04-01 23:13:11 +02:00
Anselm R Garbe
44ce161c13 applied sin's patch and prepared new release 2014-12-22 11:16:26 +01:00