Commit message (Collapse) | Author | Age | |
---|---|---|---|
* | Fix swaylock w/shadow on glibc, improve security | Drew DeVault | 2018-10-06 |
| | | | | | | | | | Today I learned that GNU flaunts the POSIX standard in yet another creative way. Additionally, this adds some security improvements, namely: - Zeroing out password buffers in the privileged child process - setuid/setgid after reading /etc/shadow | ||
* | Add support for building swaylock without PAM | Drew DeVault | 2018-09-28 |
This involves setuid'ing swaylock, which then forks and drops perms on the parent process. The child process remains root and listens on a pipe for requests to validate passwords against /etc/shadow. |