Re: [hackers] [slock] [PATCHSET] Some improvements and more security

From: FRIGN <dev_AT_frign.de>
Date: Mon, 12 Sep 2016 12:52:14 +0200

On Mon, 12 Sep 2016 12:20:51 +0200
Quentin Rameau <quinq_AT_fifth.space> wrote:

Hey Quentin,

> First patch:
> - I agree with the structuring of the xrandr part, good!
> - But not with the localization of every data, they're used across the
> whole program and you're just over-complicating functions here imho.
> The program is simple and clear enough not to have to get triple
> pointers passed as function parameters.

the triple pointer is just used once in the cleanup function, as after
freeing the locks we set the locks double pointer to NULL.

> - un-typedef, that's not an issue here, why changing it besides
> satisfying your personal taste?

because it would be inconsistent with the xrandr-struct. There is also
no reason to typedef struct anyway and just hides the underlying
machinery for no good reason.

> Second patch:
> - fine by me, renaming variables patch ;p

You wouldn't believe how much difference it makes to improve variable
naming.

> Third patch:
> - the rval renaming belongs to the second patch

It's debatable if you think of the second patch as a renaming patch,
but in the end I don't see it as a big issue.

> - I agree with the removal of the $USER, we discussed it before this
> patch on IRC. But maybe we should have the reasoning behind that
> from the original author who put it here.

The reasoning is that we don't want a bloody seduid program depending
so strongly on environment variables. For some things, it's sufficient
to just kick them out because they are so obviously wrong.
What has been bugging me for quite a while is this DPMS comment that
was added there for no reason. Every sane mind would agree that
fiddling with DPMS makes no sense whatsoever. When I slock, my screen
turns off after 10 minutes. So, if I don't like that, I disable DPMS.
If I do, I just fiddle around with my mouse a bit and get the slock
promt.
The only issue I see there is if the screen is not locked and one
assumes it is locked and does not wait for the screen to turn back on
and enter his password, possibly unleashing it to the public (IRC chat,
whatever). But this is a minor thing imho. DPMS stays out and there's
no need imho for such a long comment to reflect that.

> Anyway, thanks for the work!

I was happy to do it! :)

Cheers

FRIGN

-- 
FRIGN <dev_AT_frign.de>
Received on Mon Sep 12 2016 - 12:52:14 CEST

This archive was generated by hypermail 2.3.0 : Mon Sep 12 2016 - 13:00:18 CEST