Re: Lockdown... Take 2

From: Havoc Pennington <hp redhat com>
To: Rob Adams <readams readams net>
Cc: "desktop-devel-list gnome org" <desktop-devel-list gnome org>
Subject: Re: Lockdown... Take 2
Date: Wed, 15 Oct 2003 00:33:58 -0400

On Tue, 2003-10-14 at 13:13, Rob Adams wrote:
> Could we LD_PRELOAD an exec() (and system() ) wrapper for lockdown mode?
> 

No good, it's insecure, unscalable, and breaks things. What I meant was
just modifying the OS itself. Ultimately there _are_ some problems that
are just not right to address on the GNOME level.

Or at the very least something like g_exec() so we can categorically
make all G-apps use the restrictions for _all_ exec() uses, and have
well-defined semantics that don't involve wacky shell parsing. But 
I think this is suboptimal.

I'm just having trouble envisioning that we will get "prevent executable
Foo from being run" properly implemented. It feels right to me that the
GNOME piece should be about removing UI for running Foo, not about
preventing Foo in general. That is, the GNOME piece should have to do
with .desktop files and menu items, not executables.

Havoc

References:
- Lockdown... Take 2
  - From: Matt Keenan
- Re: Lockdown... Take 2
  - From: Alexander Larsson
- Re: Lockdown... Take 2
  - From: Havoc Pennington
- Re: Lockdown... Take 2
  - From: Rob Adams

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]