Re: lock down features

From: Malcolm Tredinnick <malcolm commsecure com au>
To: desktop-devel-list gnome org
Subject: Re: lock down features
Date: Fri, 15 Nov 2002 14:03:39 +1100

On Thu, Nov 14, 2002 at 11:44:36AM -0500, Havoc Pennington wrote:
> On Thu, Nov 14, 2002 at 04:17:50PM +0000, Rui Miguel Seabra wrote: 
> > Thus, this "lock down' should be taken as a preventive method for
> > accidental changes that should not be promoted.
> > 
> > Or am I missing something?
> 
> I think you're right that it isn't genuinely secure, yes.
> But I don't know if that's a requirement, at least for an initially
> useful feature.

In this general vein, what is "lockdown" meant to cover here. Before
we start talking about code impact, what does the endgame look like?

It's going to be very hard to stop an intentionally malicious user from
changing things around (by screwing around in .gnome2 and .gconf, for
example). So are we just trying to make this harder to do and then if
something gets muddled up the sysadmin can just blow away $HOME/.gconf*
and $HOME/.gnome* and have the user log back in to get to the "official
setup"? Or...?

Without this, it's the situation Jeff and Glynn (a.o.) mention, where
cycles are burnt looking at something that turns out to be unfit for the
purpose.

Malcolm

-- 
The sooner you fall behind, the more time you'll have to catch up.

Follow-Ups:
- Re: lock down features
  - From: George Farris
- Re: lock down features
  - From: Jeff Waugh

References:
- Re: lock down features
  - From: Rui Miguel Seabra
- Re: lock down features
  - From: Havoc Pennington

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]