Re: lock down features



On Thu, Nov 14, 2002 at 11:44:36AM -0500, Havoc Pennington wrote:
> On Thu, Nov 14, 2002 at 04:17:50PM +0000, Rui Miguel Seabra wrote: 
> > Thus, this "lock down' should be taken as a preventive method for
> > accidental changes that should not be promoted.
> > 
> > Or am I missing something?
> 
> I think you're right that it isn't genuinely secure, yes.
> But I don't know if that's a requirement, at least for an initially
> useful feature.

In this general vein, what is "lockdown" meant to cover here. Before
we start talking about code impact, what does the endgame look like?

It's going to be very hard to stop an intentionally malicious user from
changing things around (by screwing around in .gnome2 and .gconf, for
example). So are we just trying to make this harder to do and then if
something gets muddled up the sysadmin can just blow away $HOME/.gconf*
and $HOME/.gnome* and have the user log back in to get to the "official
setup"? Or...?

Without this, it's the situation Jeff and Glynn (a.o.) mention, where
cycles are burnt looking at something that turns out to be unfit for the
purpose.

Malcolm

-- 
The sooner you fall behind, the more time you'll have to catch up.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]