[Bug 254178] x11/xscreensaver: update to 6.02

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=254178

--- Comment #54 from Felix Palmen <felix@palmen-it.de> ---
This seems to be extremely tricky.

At its core, upstream's expectation is that you can authenticate with PAM as an
unprivileged user (and I tend to share this view), therefore there's no plan to
roll some suid-root helper with xscreensaver or use an existing 3rd-party one.

Currently, authenticating with pam_unix.so requires root privileges. Linux PAM
partially "solves" this for authenticating as the currently logged-in user with
"unix_chkpwd". Allowing just authentication as yourself is much simpler to
implement in a secure way than authenticating as any user.

I submitted a stack of reviews mimicking this Linux solution here:
https://reviews.freebsd.org/D34322. It was rejected without further comment,
and although I see a partial solution is far from ideal, from my direct
conversation with des@, I learned he doesn't even agree on the expectation that
authentication should work without privileges. So, thinking about a better and
more complete solution would probably be just time wasted.

Therefore, to get this forward, I'm all in favor of having xscreensaver on
FreeBSD use an existing helper as already suggested in this PR.

-- 
You are receiving this mail because:
You are the assignee for the bug.