From e5d0eeb05731f44a4b3d760d5ed3d764aec491bf Mon Sep 17 00:00:00 2001 From: 3hhh Date: Wed, 25 Nov 2020 19:53:40 +0100 Subject: [PATCH] add a security note on the reliability of xss-lock (which I experienced not to be very reliable) --- docs/customization/screenlockers.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/customization/screenlockers.md b/docs/customization/screenlockers.md index 6ef6707..11944ee 100644 --- a/docs/customization/screenlockers.md +++ b/docs/customization/screenlockers.md @@ -55,6 +55,13 @@ xfconf-query -c xfce4-session -p /general/LockCommand -s "[command to start your Set an empty command to disable them. +**Important Note**: +`xss-lock` continually requests a timeout (the one set via `xset s`) from the X server and if that timeout is hit, +it executes `xflock4`, which in turn executes your screenlocker. +However any bug in `xss-lock` (e.g. [this one](https://bugs.archlinux.org/task/64771) or possibly even just a X server disconnect), +may cause that trigger to _not_ happen. I.e. do **not** rely on that trigger for anything sensible, but use a keyboard screenlocker +hotkey instead! + ## Physlock [physlock](https://github.com/muennich/physlock) is an interesting screenlocker alternative as it simply uses the