ForgottenFlux@lemmy.world to Privacy@lemmy.mlEnglish · 5 months agoSignal under fire for storing encryption keys in plaintext on desktop appstackdiary.comexternal-linkmessage-square258fedilinkarrow-up1509arrow-down129cross-posted to: cybersecurity@sh.itjust.workstechnology@lemmy.worldfoss@beehaw.org
arrow-up1480arrow-down1external-linkSignal under fire for storing encryption keys in plaintext on desktop appstackdiary.comForgottenFlux@lemmy.world to Privacy@lemmy.mlEnglish · 5 months agomessage-square258fedilinkcross-posted to: cybersecurity@sh.itjust.workstechnology@lemmy.worldfoss@beehaw.org
minus-squareZak@lemmy.worldlinkfedilinkarrow-up5·5 months agoYou’d need write access to the user’s home directory, but doing something with desktop notifications on modern Linux is as simple as dbus-monitor "interface='org.freedesktop.Notifications'" | grep --line-buffered "member=Notify\|string" | [insert command here] Replacing the Signal app for that user also doesn’t require elevated privileges unless the home directory is mounted noexec.
You’d need write access to the user’s home directory, but doing something with desktop notifications on modern Linux is as simple as
dbus-monitor "interface='org.freedesktop.Notifications'" | grep --line-buffered "member=Notify\|string" | [insert command here]
Replacing the Signal app for that user also doesn’t require elevated privileges unless the home directory is mounted
noexec
.