nevaforget/moonlock
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: audit fixes — fprintd path validation, progressive faillock warning (v0.6.7)
Update PKGBUILD version / update-pkgver (push) Successful in 1s
Details

Browse Source 
- Validate fprintd device path prefix (/net/reactivated/Fprint/Device/) before
  creating D-Bus proxy (prevents use of unexpected object paths)
- faillock_warning now warns at remaining <= 2 attempts (not just == 1), improving
  UX for higher max_attempts configurations
This commit is contained in:
nevaforget
2026-03-30 16:08:59 +02:00
parent af5b7c8912
commit 59c509dcbb
4 changed files with 26 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/fingerprint.rs
+5
View File
@@ -13,6 +13,7 @@ const FPRINTD_DEVICE_IFACE: &str = "net.reactivated.Fprint.Device";
const MAX_FP_ATTEMPTS: u32 = 10;
const DBUS_TIMEOUT_MS: i32 = 3000;
const FPRINTD_DEVICE_PREFIX: &str = "/net/reactivated/Fprint/Device/";
/// Retry-able statuses — finger not read properly, try again.
const RETRY_STATUSES: &[&str] = &[
@@ -99,6 +100,10 @@ impl FingerprintListener {
if device_path.is_empty() {
return;
}
if !device_path.starts_with(FPRINTD_DEVICE_PREFIX) {
log::warn!("Unexpected fprintd device path: {device_path}");
return;
}
match gio::DBusProxy::for_bus_future(
gio::BusType::System,