From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1751967AbbCVWXl (ORCPT <rfc822;w@1wt.eu>);
	Sun, 22 Mar 2015 18:23:41 -0400
Received: from mail.linuxfoundation.org ([140.211.169.12]:57798 "EHLO
	mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751893AbbCVWXk (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Sun, 22 Mar 2015 18:23:40 -0400
Date: Sun, 22 Mar 2015 23:23:37 +0100
From: Greg KH <gregkh@linuxfoundation.org>
To: helene.gsaenger@studium.fau.de
Cc: jslaby@suse.cz, dh.herrmann@gmail.com, daniel.vetter@ffwll.ch,
        peter@hurleysoftware.com, tiwai@suse.de, mark.d.rustad@intel.com,
        joe@perches.com, linux-kernel@vger.kernel.org,
        linux-kernel@i4.cs.fau.de, simone.weiss@fau.de
Subject: Re: questions to planned lock-functionality for vts
Message-ID: <20150322222337.GA28785@kroah.com>
References: <5084791d6ec7b09c5f3047a376cc8677.squirrel@faumail.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5084791d6ec7b09c5f3047a376cc8677.squirrel@faumail.uni-erlangen.de>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Sun, Mar 22, 2015 at 11:03:03PM +0100, helene.gsaenger@studium.fau.de wrote:
> Hello,
> 
> 
> We want to add a functionality to the kernel that allows to lock and unlock
> virtual terminals to maybe one day replace X11 screensavers and console
> lockers by a more secure kernel mechanism.

Wait, what's wrong with the existing functionality?

> It should behave like:
> If user A owns e.g. vt2, A is able to lock vt2 and unlock it again.
> This is realized by a userspace programm that calls ioctl, which the above
> mentioned added cases VT_LOCK and VT_UNLOCK.
> Another user(that is not root) wouldn't be allowed to un-/lock vt2.
> If anybody wants to change to a looked VT he gets redirected to vt12.
> At vt12 a userspace programm (to unlock a VT) would run and ask for
> loginname and password, if it is the password from the user that owns the
> locked terminal or from root.
> The VT gets unlocked and the user gets directed to his terminal.

Why would you want to put all of that into the kernel?

thanks,

greg k-h