Re: More desktop security thoughts (was Re: GNOME privilege library)

[Alan Cox <alan lxorguk ukuu org uk>]

On Gwe, 2005-01-14 at 14:43, Mike Hearn wrote:
> There aren't many places in GNOME where giving it bad input can break it.
> Maybe the session manager, maybe GConf.

Very few gnome apps don't crash if fed crap. Its only the last release
that a single pipe in the wrong place couldn't kill nautilus dead. If
you want to make gnome blow itself up as a user then put your home
directory into the fonts directory - that was quite good last time I
tried it, or delete the last menu off the panel and try and put it back
(now ok I think ?) and so on.

The notion that Gnome is robust against even user accident is humorous

> Unfortunately Linux itself is pretty much the polar opposite: it's trivial
> to render many distros unbootable simply by following instructions or even
> by applying automatic security updates! And if you think about it, it's

Automatic updating is what you are talking about for the desktop, and
people having update fun is precisely the kind of unexpected effect
automation causes, especially in systems like this with enormous
combinatorial variation in the settings and packages installed.

> not surprising that these urban legends of people deleting the kernel to
> clean things up are around: what other device *apart* from a desktop
> computer mixes up personal user-owned stuff with implementation details?

What other device do you own thats turing complete and permits end user
programming to a turing complete level. Any idiot can turn a Linux box
into a near indestructable appliance with a limited function set (been
there, done that) but making a useful _powerful_ system is another
matter altogether. Maybe as computers get so cheap people really will
just buy a webserver brick, a video brick, a desktop brick, and a
multimedia brick but right now they don't seem to be.

Alan