> Oh, no, definitely not. GConf trusts all clients once it allows them > to connect. (To connect they need the cryptographically-random IOR > stored in ~/.gconfd in the user's home directory.) This makes sense, as I don't see any reliable mean to ensure the identity of an application (not a user). I had the case of applications running in a Java VM in mind, but this does not apply to native code. A last question (they all say that :-)): let's imagine a configuration with two users, one privileged, the other not. The unprivileged user can read part of the configuration of the privileged one, but cannot modify it. As these are two users, they each run their own gconfd. How do these two gconfd interact ? Would modifications made on the shared part be detected by the read-only gconfd ? Or is it completely left to the backends ? Frédéric
Attachment:
pgpWFCDGTzq1p.pgp
Description: PGP signature