Bug 435954 - "[Log out | Reboot | Halt] without confirmation" actions are too dangerous to have keyboard shortcuts by default
Summary: "[Log out | Reboot | Halt] without confirmation" actions are too dangerous to...
Status: RESOLVED FIXED
Alias: None
Product: ksmserver
Classification: Plasma
Component: general (show other bugs)
Version: 5.21.4
Platform: Neon Linux
: NOR normal (vote)
Target Milestone: ---
Assignee: David Edmundson
URL:
Keywords: usability
Depends on:
Blocks:
 
Reported: 2021-04-20 13:15 UTC by Javier O. Cordero Pérez (Cuperino)
Modified: 2021-04-26 10:36 UTC (History)
2 users (show)

See Also:
Latest Commit:
Version Fixed In: 5.22


Attachments
Image of a keyboard layout that fits the description (51.13 KB, image/jpeg)
2021-04-20 13:15 UTC, Javier O. Cordero Pérez (Cuperino)
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Javier O. Cordero Pérez (Cuperino) 2021-04-20 13:15:31 UTC
Created attachment 137727 [details]
Image of a keyboard layout that fits the description

SUMMARY
Due to ksmserver's default session shortcuts and my laptop having an unusual keyboard layout, I've often rebooted or powered my computer off, without warning, accidentally.

STEPS TO REPRODUCE
1. Own a keyboard that places the Page Up and Page Down keys next to the Left Arrow and Right Arrow keys.
2. Change the shortcuts for "move window to the next workspace΅ and "move window to the previous workspace" to the following, similar, shortcuts: Ctrl+Shift+Alt+Right to move a window to the next Workspace, and
Ctrl+Shift+Alt+Left to move a window to the previous workspace
3. Press Ctrl+Shift+Alt+PageDown and Ctrl+Shift+Alt+PageUp inadvertently when moving windows across workspaces while preforming regular work hastily, without looking at the keyboard.

OBSERVED RESULT
System powers off or reboots without confirmation because the "Halt Without Confirmation" and "Reboot Without Confirmation" shortcuts are triggered.

EXPECTED RESULT
People who press these shortcuts accidentally may think the computer powered off for no reason. Also, the existence of these shortcuts represents a security concern, since those defaults could be used to exploit a system faster through keystroke injection attacks. For those reasons, I would expect that the shortcuts for "Halt Without Confirmation", "Log Out Without Confirmation", and "Reboot Without Confirmation" were not tied to a keyboard combination, nor enabled by default.

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: KDE neon User Edition 5.21 x86_64
KDE Plasma Version: 5.21.4
KDE Frameworks Version: 5.81.0
Qt Version: 5.12.2

ADDITIONAL INFORMATION
Host: XPS 13 7390 2-in-1
Graphics Platform: X11
Comment 1 Nate Graham 2021-04-21 22:02:40 UTC
That's the ISO UK English layout, which is not too uncommon, but it also doesn't have anything to do with this issue. :)

I very very strongly agree that these actions are too dangerous/annoying to have default shortcuts.
Comment 2 David Edmundson 2021-04-21 23:05:15 UTC
>Due to ksmserver's default

This isn't the default. You've explicitly set it to not prompt.
I don't think there is anything we should do.
Comment 3 Javier O. Cordero Pérez (Cuperino) 2021-04-22 04:59:27 UTC
(In reply to David Edmundson from comment #2)
> >Due to ksmserver's default
> 
> This isn't the default. You've explicitly set it to not prompt.
> I don't think there is anything we should do.

I'm not aware of ever explicitly setting it up to not prompt. In fact, I always leave "Confirm logout" and "Offer shutdown options" enabled to prevent any accidents; and they're still enabled. It doesn't seem to me like these settings are actually related to the issue.

If you go to lines 881 through 894, of `ksmserver/server.cpp`, in the master branch (78f04b581356b4765d297547413419149f76aad8), you'll find the `KSMServer::setupShortcuts()` method, which sets up each of the default shortcuts.
Comment 4 Nate Graham 2021-04-22 05:44:48 UTC
(In reply to David Edmundson from comment #2)
> >Due to ksmserver's default
> 
> This isn't the default. You've explicitly set it to not prompt.
> I don't think there is anything we should do.
That's not correct. These actions do indeed execute their actions with no prompt, just as they say they will.
Comment 5 Bug Janitor Service 2021-04-22 14:54:29 UTC
A possibly relevant merge request was started @ https://invent.kde.org/plasma/plasma-workspace/-/merge_requests/808
Comment 6 David Edmundson 2021-04-22 21:22:53 UTC
I stand corrected, my apologies.

It's worth noting this was (accidentally) introduced in 5.21 with 78ca6af1835be77b575d325e61f770b2b436a01e
Comment 7 Nate Graham 2021-04-22 21:32:24 UTC
Heh whoops. I guess that makes this a bugfix! :)
Comment 8 Nate Graham 2021-04-26 10:36:10 UTC
Git commit e8e17c5ef8734fa56a78405e32277568e4e1095e by Nate Graham.
Committed on 26/04/2021 at 10:35.
Pushed by ngraham into branch 'master'.

[ksmserver] Remove default shortcuts for "Without Confirmation" actions

These actions bypass the user setting for whether or not to show the
logout screen and always log out/reboot/etc. immediately.  Because they
have default keyboard shortcuts, they can be triggered by accident and
cause unexpected logouts/reboots/etc.
FIXED-IN: 5.22

M  +3    -3    ksmserver/server.cpp

https://invent.kde.org/plasma/plasma-workspace/commit/e8e17c5ef8734fa56a78405e32277568e4e1095e
Comment 9 Nate Graham 2021-04-26 10:36:16 UTC
Git commit 656fc544f91ddfff91dbc3c8694cf7e8055b35f3 by Nate Graham.
Committed on 26/04/2021 at 10:35.
Pushed by ngraham into branch 'master'.

Remove references to "Without Confirmation" actions

These shortcuts are being removed in
https://invent.kde.org/plasma/plasma-workspace/-/merge_requests/808

M  +0    -15   doc/fundamentals/ui.docbook

https://invent.kde.org/system/khelpcenter/commit/656fc544f91ddfff91dbc3c8694cf7e8055b35f3