Re: [Nautilus-list] Idea for Nautilus and GMC.
- From: Pavel Machek <pavel ucw cz>
- To: Ben Ford <ben kalifornia com>, Zak McGregor <zak mighty co za>
- Cc: Evandro Fernandes Giovanini <efgbr terra com br>, miguel ximian com, nautilus-list eazel com, mc gnome org, prion-me-harder ximian com
- Subject: Re: [Nautilus-list] Idea for Nautilus and GMC.
- Date: Sun, 27 May 2001 14:01:15 +0200
Hi!
> >Now, for apps executed in such a way via Nautilus or GMC, perhaps it
> >would be a good idea to have a sort of chrooted environment for those
> >files to run in, and have the application revert the status of the file
> >*back* to whatever it was prior to the execution of it via whichever
> >interface was used to invoke it? That way, the clueless would only be
> >able to execute it via the interface, which would run it in a clean
> >environment and also protect the user from inadvertently running the
> >executable via any other means. If the user wants to run the program
> >through any other means, he would have to do the chmod +x himself,
> >leaving the situation no worse off than without these ideas implemented
> >in Nautilus...
> >
>
> Wouldn't work well that way. What about the Ximian installer, or the
> RealPlayer installer?
>
> You could do a sandbox like Java so it'd pop up a warning when a program
> tried to overstep boundaries, but I don't think it would be worth the
> coding effort. User permissions are probably more than enough. (unless
> luser is running as root, then he can discover why you don't do
> that!)
This is already coded, see subterfugue.org. It even has a nice
GUI.
These are the rules for a "normal" untrusted application:
# Generic configuration
# It is okay to read/write to any file, if user confirms that.
path ask read /
path ask write /
# Any world-readable files are okay, too
path allow_if_public read /
path allow write /dev/tty
path allow write /dev/null
path allow write /dev/zero
# We do not want to be asked about bash...
path deny write $HOME/.bash_history
# We do not want to receive warnings about bash accessing $MAIL
path deny read $MAIL
# It is okay to connect anywhere, if you ask, first
net ask connect *
# It is okay to talk over unix domain sockets
net allow connect Unix*
path allow write /tmp/delme
Pavel
--
I'm pavel ucw cz "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents at discuss linmodems org
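As an added illustration (not subterfugue's own code and not from this thread), here is a small Python evaluator for the rule format Pavel quotes. It assumes that later rules override the broad "/" defaults, that allow_if_public falls through to the next rule when the file is not world-readable, that net targets are matched as shell-style globs (the "Unix:..." target strings below are constructed), and that an access no rule covers is denied.

```python
import fnmatch, os, stat
# Pavel's rule set, comments stripped (copied here so the example runs stand-alone).
RULES_TEXT = """
path ask read /
path ask write /
path allow_if_public read /
path allow write /dev/tty
path allow write /dev/null
path allow write /dev/zero
path deny write $HOME/.bash_history
path deny read $MAIL
net ask connect *
net allow connect Unix*
path allow write /tmp/delme
"""

def parse_rules(text, env):
    """'kind action op target' per line; $HOME and $MAIL are expanded from env."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        kind, action, op, target = line.split(None, 3)
        for name, value in env.items():
            target = target.replace("$" + name, value)
        rules.append((kind, action, op, target))
    return rules

def world_readable(path):  # default 'public' test: other-read bit set on the file
    try:
        return bool(os.stat(path).st_mode & stat.S_IROTH)
    except OSError:
        return False

def _matches(kind, pattern, target):
    if kind == "path":  # a rule path covers itself and everything below it
        return target == pattern or target.startswith(pattern.rstrip("/") + "/")
    return fnmatch.fnmatchcase(target, pattern)  # net targets: shell-style glob (assumption)

def decide(rules, kind, op, target, is_public=world_readable):
    """Return 'allow', 'ask' or 'deny'. Assumed semantics: later lines override the
    broad '/' defaults, and allow_if_public falls through unless the file is public."""
    for rkind, action, rop, pattern in reversed(rules):
        if rkind != kind or rop != op or not _matches(kind, pattern, target):
            continue
        if action == "allow_if_public":
            if is_public(target):
                return "allow"
            continue
        return action
    return "deny"  # assumption: no rule matched, fail closed
```

With these semantics a write to $HOME/.bash_history is denied outright, a read of a private file prompts the user, and a read of a world-readable file goes through silently.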