Re: /tmp/.ICE-unix

From: Liam Quin <liam holoweb net>
To: gnome-hackers gnome org
Subject: Re: /tmp/.ICE-unix
Date: Sun, 16 Sep 2001 23:18:49 -0400

On Sun, Sep 16, 2001 at 06:11:26PM -0700, Seth Aaron Nickell wrote:
>>> Anyone know what is going on here? Presumably it's a security issue in
>>> addition to causing a sleep(5)...

Alan Cox pointed out:
>> If its a security issue sleep(5) is inappropriate it shgould be exit(1)

And Seth spluttered:
> Bullshit. Security is only worthwhile because it helps people maximize 
> their use of computers (given that security violations result in loss of 
> some functionality, whether that be privacy or actual data, or just time). 

This is the reasoning that led to Microsoft Bob prompting you with your
password if you guessed wrong too many times.

If the ownership is important, bring up a modal dlog box and wait for
the user to say, "OK, run anyway" or something.

If the ownership is not important, why check for it in the first place?

So...

> Printing the data out to the commandline is also a silly approach. If this 
> represents a significant security violation, it should pop up a dialogue 
> warning the user, and offer to fix it (of course prompting for a root 
> password). 

Here we agree.  Unless maybe even that much access can cause security
problems.

Lee

-- 
Liam Quin - XML Core staff contact, W3C, http://www.w3.org/People/Quin/
Ankh: irc.sorcery.net www.valinor.sorcery.net irc.gnome.org www.advogato.org
Author, Open Source XML Database Toolkit, Wiley August 2000
Co-author: The XML Specification Guide, Wiley 1999; Mastering XML, Sybex 2001

_______________________________________________
gnome-hackers mailing list
gnome-hackers gnome org
http://mail.gnome.org/mailman/listinfo/gnome-hackers

References:
- /tmp/.ICE-unix
  - From: Havoc Pennington
- Re: /tmp/.ICE-unix
  - From: Alan Cox
- Re: /tmp/.ICE-unix
  - From: Seth Aaron Nickell

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]