Commit Graph

29 Commits

Author SHA1 Message Date
Hiltjo Posthuma 4f045545a2 bump version to 1.5 2022-10-04 19:45:14 +02:00
Markus Teich fa11589584 bump version 2016-11-20 01:07:11 +01:00
Quentin Rameau cd3c546c37 config.mk: be more explicative about FLAGS
Group each *FLAG with its description and add a NetBSD specific.
2016-09-08 23:36:07 +02:00
FRIGN 22eba05f36 Ensure Polyphemus-Mitigation and properly drop privileges
Don't hide privilege drops inside readpw() and actually make it
configurable what you are dropping to in config.h.

The privilege drop comes after opening the Display because the
user "nobody" with "nogroup" can't do that.

So why do I call this strategy the Polyphemus-Mitigation?

"""
After the giant returns in the evening and eats two more of the men,
Odysseus offers Polyphemus some strong and undiluted wine given to him
earlier on his journey. Drunk and unwary, the giant asks Odysseus his
name, promising him a guest-gift if he answers. Odysseus tells him
"Οὖτις", which means "nobody" and Polyphemus promises to eat this
"Nobody" last of all. With that, he falls into a drunken sleep. Odysseus
had meanwhile hardened a wooden stake in the fire and now drives it into
Polyphemus' eye. When Polyphemus shouts for help from his fellow giants,
saying that "Nobody" has hurt him, they think Polyphemus is being
afflicted by divine power and recommend prayer as the answer.
"""

(source: https://en.wikipedia.org/wiki/Polyphemus)
2016-09-08 00:36:45 +02:00
Quentin Rameau 04143fd68d Unify how we check passwords between different OSes 2016-09-07 13:10:25 +02:00
Hiltjo Posthuma a7afade170 clear passwords with explicit_bzero
Make sure to explicitly clear memory that is used for password input. memset
is often optimized out by the compiler.

Brought to attention by the OpenBSD community, see:
https://marc.info/?t=146989502600003&r=1&w=2
Thread subject: x11/slock: clear passwords with explicit_bzero

Changes:

- explicit_bzero.c import from libressl-portable.
- Makefile: add COMPATSRC for compatibility src.
- config.mk: add separate *BSD section in config.mk to simply uncomment it on
  these platforms.
2016-08-13 09:58:00 +02:00
Markus Teich 6a52a85a1a add slock.1 man page 2016-02-11 16:51:12 +01:00
Markus Teich bfafc91da7 prepare 1.3 release 2016-02-11 16:23:48 +01:00
Markus Teich f5ef1b8eb5 resize lockscreen window after Xrandr resize 2015-04-01 23:25:47 +02:00
Anselm R Garbe 44ce161c13 applied sin's patch and prepared new release 2014-12-22 11:16:26 +01:00
Anselm R Garbe ba3acfc0dc applied Robert Schneider's Linux suggestions, also bumped version and updated LICENSE file's copyright notice 2013-08-02 22:11:18 +02:00
anselm@garbe.us 3092d3b314 prepared 1.1 2012-10-25 20:59:50 +02:00
anselm@garbe.us c1507cd225 applied Eckehard Bern's dualcolor patch to slock 2012-03-17 18:03:25 +01:00
a@null 0cb05bdb75 applied Ali Gholami Rudi's patch regarding DPMS timeout customization and persistence 2008-12-12 19:34:43 +00:00
Anselm R Garbe 75dd779245 prepared release 2008-07-29 19:14:53 +01:00
Anselm R Garbe 049ccf9a90 fixed DPMS crashing issue 2008-04-08 09:55:46 +01:00
Anselm R Garbe 98e2fef63d applied two patches, BSD_AUTH patch and Gottox' DPMS support patch 2008-02-22 10:13:12 +00:00
Anselm R. Garbe 18b2f4f34f next version will be 0.8 2007-11-24 21:27:44 +01:00
Anselm R. Garbe 6fdf8be204 final fixes and cleanups 2007-11-24 21:17:32 +01:00
Anselm R. Garbe 20e294a66f updating copyright stuff in slock as well 2007-04-13 11:48:17 +02:00
Anselm R. Garbe 48a7ab2225 grab on the root window, it is correct, all lockers do that 2007-03-07 10:57:23 +01:00
Anselm R. Garbe ae8cce24d3 made slock more aggressive, DenisG please recheck 2007-02-21 21:25:53 +01:00
Anselm R. Garbe 6725bb2a3a fixed a potential buffer overflow bug on the stack (thanks to Ghassan Misherg) 2007-01-13 14:09:41 +01:00
arg@mig29 11642443f5 thanks to Jack for this hint 2006-12-08 10:53:35 +01:00
arg@mig29 ff79c382c5 small fix of Vincent's patch 2006-10-31 08:43:25 +01:00
Anselm R. Garbe 10ccc43597 added pointer grab 2006-10-16 12:59:37 +02:00
Anselm R. Garbe 597d0f27f5 applied Salmi's patch 2006-10-12 09:33:38 +02:00
Anselm R. Garbe 0f1157d7e6 applied BSD support patch 2006-10-12 08:11:08 +02:00
arg@suckless.org 763e52878d initial commit 2006-10-11 12:35:21 +02:00