Re: [PMH] Re: [Nautilus-list] Idea for Nautilus and GMC.



Hi!

    > The windows ILOVEYOU scenario included many many reports of
    > people receiving emails which said "do not open email called
    > iloveyou", but they did anyway because it was "from someone they
    > knew".  Not being able to execute simple programs like this
    > trivially puts a barrier in place so that only people who are
    > qualified to execute said program are able to.  

Well, if you want total security, dont let any software ever
downloaded from the network be executed.  Turn off java, javascript
in your browser, do not trust red carpet (after all, DNS attacks are
possible), do not trust http://go-gnome.com, and if we are in that
path, how can you trust all the code that is included in an open
source operating system?  

Java and javascript *should* run sandboxed, modulo browser bugs.

If red carpet does not check authenticity using private/public keys;
well, there's bug in red carpet to fix.

The difference between installer and application being installed is
that _installer is likely to mess your system by mistake_. If
application messes your system, it is because it is evil; but it is
hard to create installer that will not mess system. Also installer is
ran as root; while app is running as guest.
                                                                Pavel
-- 
I'm pavel ucw cz  "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents at discuss linmodems org




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]