Re: Question regarding the cashew and allow widgets on screensaver

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a bug, and should be fixed. We've spent a fair amount of effort making 
sure htat e.g. appletes cannot give unauthorized users the ability to access 
the filesystem, or launch applications. The settings dialog and toolbox should 
be no exception to that rule.

Please report this issue at bugs.kde.org and we will try to address it.

r

On Thu 23 June 2011 11:22:23 Rick Sewill wrote:
> I am on the latest Fedora 15.
> 
> I wanted to enable "Allow widgets on screen saver".
> This choice is found in System Settings -> Display and Monitor -> Screen
> Saver
> 
> Everything looked fine when I enabled "Allow widgets on screen saver",
> but ... when I have the screen saver locked, the cashew will let me select
> the "Settings" button without asking for a password.
> 
> The Settings screen is hesitant to come up, but if I am persistent
> and keep trying, the Settings screen will come up.
> 
> On the Settings screen, I am able to select the "Open" button.
> This lets me browse directories as if I was going to change my wallpaper.
> I can see the names of directories and files.
> This can be done without entering a password.
> 
> Question please: if we must have the cashew on the screen saver screen,
> when we "Allow widgets on screen saver", is there a way to require the
> cashew to ask for a password before letting someone use the Settings
> button?
> 
> Alternatively, can I make the cashew disappear from the screen saver screen?
> I installed kde-plasma-ihatethecashew-0.4-3.fc15.x86_64.
> Unfortunately, "I Hate the Cashew" is not a widget choice when I am in the
> screen saver screen trying to add widgets.
> 
> I'd like to use "allow widgets on screensaver", but am hesitant.
> The screen saver, to me, "saves" wear and tear on the monitor -and-
> keeps others from seeing my files and directories without permission.
> 
> It may be true, they can only see the file names, not the file contents.
> Even so, I consider this to be a security risk.
> 
> _______________________________________________
> kde mailing list
> kde@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/kde
> New to KDE4? - get help from http://userbase.kde.org
-- 
Ryan Rix -- http://rix.si
== OpenSource.com: Where Open Source Happens! ==
   _
 \/"/_ All Hail the Beefy Miracle!
 /_/
 \ \

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
kde mailing list
kde@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/kde
New to KDE4? - get help from http://userbase.kde.org

[Index of Archives]     [KDE Users]     [Fedora General Discussion]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Maintainers]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Announce]     [Fedora Package Review]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Triage]     [Coolkey]     [Yum Users]     [Yosemite Forum]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]

  Powered by Linux