Re: cleaning up keyrings

From: David Zeuthen <david fubar dk>
To: Havoc Pennington <hp redhat com>
Cc: desktop-devel-list gnome org
Subject: Re: cleaning up keyrings
Date: Tue, 28 Aug 2007 19:26:58 -0400

On Tue, 2007-08-28 at 19:08 -0400, Havoc Pennington wrote:
> A better approach, for example, would be to have selinux or signatures
> or something such that apps that come with the OS are automatically
> trusted and the dialog or other obscure procedure only arises for
> third-party apps. Then people don't get as used to just clicking "yes"
> all the time and _might_ slow down for the dialog when it really
> matters.

Certainly. Maybe add to your spec that there needs to be an easy way for
OS vendors / site / system admins to maintain a whitelist of apps that
are always allowed to access a certain types of keys without having to
nag the user. Means you need a grouping/type concept though. (And FWIW I
think path-based security is more than sufficient here.)

     David

References:
- cleaning up keyrings
  - From: Havoc Pennington
- Re: cleaning up keyrings
  - From: David Zeuthen
- Re: cleaning up keyrings
  - From: Havoc Pennington

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]