CivicActions/guidebook

Insecure recommendation in Screen lock ("Securing Your Workspace") documentation

rdiaz02 opened this issue · 1 comments

In https://guidebook.civicactions.com/en/latest/common-practices-tools/security/securing-your-workspace/

you suggest

xss-lock -- i3lock -n -c 000000

exec --no-startup-id xss-lock -- i3lock -n -c 000000

That, however, is not the recommended procedure to ensure screen is locked on suspend, because the call to xss-lock is missing the argument --transfer-sleep-lock to xss-lock. See the help of i3wm itself: https://github.com/i3/i3lock?tab=readme-ov-file#running-i3lock and additional discussion here i3/i3lock#207 (argument "-l" and "--transfer-sleep-lock" are the same).

@rdiaz02 - Good catch - please submit a PR to correct the page. Thanks!