> Then again they also have a bit of theater in them. For example they accepted a patch to lock the computer if a HID devices was plugged in. But while the original patch did it on any device, they modified it so that it only happens on the device ids of known mouse wigglers used in police computer seizure kits.
There was a series of two patches: one to logind to add a mechanism to tell all active user sessions to lock, and one to the udev rules provided with systemd to add a policy that plugging in a known mouse wiggler causes all active user sessions to lock.
(It wouldn't make any sense to lock the screen when inserting any HID device.)
Separately from that, logind also implements other policies for when to lock the screen, such as when closing a laptop lid without an external monitor connected.
And how bloody hard it is to make the wiggler change the ID to look like any old mouse? Or one gets kitbashed out of a existing mouse? Or a new one comes to market that is not part of the IDs systemd have on file?
There was a series of two patches: one to logind to add a mechanism to tell all active user sessions to lock, and one to the udev rules provided with systemd to add a policy that plugging in a known mouse wiggler causes all active user sessions to lock.
(It wouldn't make any sense to lock the screen when inserting any HID device.)
Separately from that, logind also implements other policies for when to lock the screen, such as when closing a laptop lid without an external monitor connected.