ChaniBlog











{February 13, 2009}   screensaver widgets in 4.2

I meant to blog about this when 4.2 was released, but didn’t get around to it. it seems like there’s a bit of confusion about the security of screensaver widgets. also, I figured I should remind everyone that to turn them on you go to the screensaver KCM. :) quick summary: so long as you use common sense when adding widgets, and take a minute to test them, it should be perfectly safe. and if you’re feeling paranoid, you can just leave them disabled, of course.

the thing about screensaver security is, it’s not really about protecting against malicious code. that’s important too, but it applies to all of plasma. for the screensaver, I have to think about malicious (or simply meddlesome) users. if I leave my screen locked at school when I go to the bathroom, I don’t want to come back to find goatse or files deleted or anything mean like that (and yes, I’ve been in classes where this was a problem).

back in summer I looked over the code of every damn plasmoid in workspace, kdeplasma-addons and playground. what I found surprised me. nearly every plasmoid fell into one of two categories: completely and utterly harmless (like the bouncy ball), or completely inappropriate for the screensaver (like the taskbar and folderview). only a handful were in-betweens: a few launched external programs, which were safely hidden behind the screensaver but still there to be annoying when the screen was unlocked, and a few had actual security issues (like twitter, unless you *want* random strangers posting to your account). not only that, but most of the inappropriate ones were contained in a few categories. those categories have become a little more fuzzy since then, but there are still two or three that could just be banned from the screensaver entirely.

so, it turns out this isn’t so much a security problem as a “keep the inappropriate plasmoids from cluttering the appletbrowser” problem. if you sit and think for a minute about the plasmoids you’ve added to your screensaver, maybe poke at them while it’s locked to see if you can break stuff, you’ll easily see whether your screensaver is safe to leave unattended. the only thing I didn’t find completely obvious was that the battery applet lets me suspend from the screensaver (and personally I consider that a feature).

there are two things I had planned: making it possible to filter out the inappropriate plasmoids from the appletbrowser using categories and some security constraints, and making it possible for the small number of plasmoids in the grey area to ask if they need to act more securely, so that they can be allowed on the screensaver too. unfortunately this got derailed by other things not happening, and now some of the detailed notes are lost, but someday I’ll find time to do it…



Gof says:

Well, it’s not really easy for a user to know which applets are dangerous or not.
Some applets may contain “hidden” features that only power users know about that can be harmful.

Not to mention that some applets may contain bugs (crashes)



Just set up the screensaver widgets for myself.

Anyway.. i find it a bit silly… you have one screensaver selected from the list, but yet again you have a checkbox for the widgets. I think it’s rather confusing since the screensaver widgets would replace the screensaver at all, right? If not… i’m the confused one… will try it out shortly…



Tried it out, very nice :)
Anyway, some of the widgets are rather useless if they require interaction but the screen saver goes away when doing anything….

Would be very cool to have an option to keep the screensaver on and make it easy to get out of it *without requiring a password*

Cheers!



Chani says:

@dread knight: if you have composite you can see the screensaver as well as the widgets.
as for keeping the screensaver up unlocked… there kinda is a way to do that. click the ‘setup’ button under the checkbox that enables widgets. all it does is send a dbus signal, so you could probably find other ways to trigger it if you want that often. :)



I had compositing disabled because unfortunately it fucking sucks with blender atm.

Instead of using the setup button, would be way nicer to have an option implemented to trigger that. Big difference :P



Chani says:

and where would you put such an option?



Robin says:

A dangerous one is the comic applet which provides a “save as” menu entry.
Everyone can browse your filesystem with that feature :-/



Chani says:

oh, yikes. that wasn’t there before…

that makes me a fair bit more nervous about this stuff. what do I do about applets that *used* to be safe, but then someone comes and adds a helpful feature that makes them unsafe?



Chani: I guess that if you want the applets to be safe you need to jail them somehow, so that for example they can’t access the user data. Virtual Machine or something like that.



D.F. says:

The problems you’re running into might just be intractable. I remember seein’ requests for this stuff about Xscreensaver years ago. The Xscreensaver author had a decent writeup as to why he’s never included any of that functionality —
http://www.jwz.org/xscreensaver/toolkits.html



Chani: Non-locked plasmoid screensavers have an intriguing use case: just configuring “Blank Screen” as screensaver, and adding a (nearly) full-screen Analog Clock widget. Beats the clock screensaver anytime, assuming it behaves just like a regular screensaver (which it doesn’t do at this point).



Jonno says:

I planned on adding the browser widget to my screensaver, thinking that would save me logging in for friends just wanting to check out a website. I mean, browsing shouldn’t be able to do too bad stuff to my computer. Then I realized the widget shared bookmarks with Konqueror, and allowed you to delete and add new ones…

What I want to get to is that sometimes an applet should be allowed even in screensaver mode, but disable some unsafe features…


