Re: Lockdown stuff

From: Havoc Pennington <hp redhat com>
To: Alexander Larsson <alexl redhat com>
Cc: Matt Keenan <Matt Keenan sun com>, "desktop-devel-list gnome org" <desktop-devel-list gnome org>
Subject: Re: Lockdown stuff
Date: 08 Oct 2003 11:33:27 -0400

Hi,

Couple small comments - 

1. With the new GTK+ 2.4 menu system, admins can get precise menu 
   control that way, automatically for all menus. This is how it 
   works in KDE. Either we can say they have to edit the menu layout
   files, or we can have a little "override" file for each layout
   that lets you exclude items. This way the lockdown is tied to 
   the layout files and doesn't get out of sync.

2. I agree with Alex 100% that we have to _understand_ (and ideally 
   even document!) the purpose of each lockdown key. The fastest 
   way to buggy unmaintainable bloat is the "shotgun" approach 
   to design, "we don't know what people want so we'll just do   
   everything."

3. It seems to me that a great start would be to document what 
   Windows, KDE, etc. offer.

4. Let's get some simple basics in CVS ASAP. Did George ever 
   commit anything? We can't afford to block lockdown mode too 
   long, it needs to be in 2.6 and that means it does need
   a pragmatic KISS approach to getting it done.

5. Where lockdown is supposed to offer real security, OS mechanisms
   like permissions are preferred; where we're just putting the 
   user in a padded room, gconf is probably fine.

6. I love that people are working on this!

.02,
Havoc

Follow-Ups:
- Re: Lockdown stuff
  - From: Ian Peters

References:
- Re: Lockdown stuff
  - From: Matt Keenan
- Re: Lockdown stuff
  - From: Alexander Larsson

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]