PiP protocol addition...!?

Posted Oct 28, 2025 11:08 UTC (Tue) by mathstuf (subscriber, #69389)
In reply to: PiP protocol addition...!? by pizza
Parent article: KDE Plasma 6.5 released

But is the lock screen in Windows "just" a process running as the session user (cf. `xlock`) or is it kernel-mediated in a way that you could have some semblance of trust that you're not being keylogged when you enter your password? It is implementing it directly in the screen locker (rather than punting to the login manager) that feels niche to me.

PiP protocol addition...!?

Posted Oct 28, 2025 12:37 UTC (Tue) by Wol (subscriber, #4433) [Link] (1 responses)

It always used to be invoked by ctrl-alt-delete.

Which is a major security feature because it explicitly triggers a hardware NMI. So there's no point implementing a "fool you" lookalike screen - for anyone who knows how it's supposed to work, you need to actively patch into the interrupt handler to hijack it.

I don't think you CAN implement it in the user's lock screen (that or the lock screen is running as root), because you need to validate the new user's password, which only root or administrator can do.

Cheers,
Wol

PiP protocol addition...!?

Posted Oct 28, 2025 14:10 UTC (Tue) by pizza (subscriber, #46) [Link]

> I don't think you CAN implement it in the user's lock screen (that or the lock screen is running as root), because you need to validate the new user's password, which only root or administrator can do.

Validating the _current_ user's password also requires root privileges.