Re: [Nautilus-list] Idea for Nautilus and GMC.
- From: Pavel Machek <pavel ucw cz>
- To: Ben Ford <ben kalifornia com>, Zak McGregor <zak mighty co za>
- Cc: Evandro Fernandes Giovanini <efgbr terra com br>, miguel ximian com, nautilus-list eazel com, mc gnome org, prion-me-harder ximian com
- Subject: Re: [Nautilus-list] Idea for Nautilus and GMC.
- Date: Sun, 27 May 2001 14:01:15 +0200
> >Now, for apps executed in such a way via Nautilus or GMC, perhaps it
> >would be a good idea to have a sort of chrooted environment for those
> >files to run in, and have the application revert the status of the file
> >*back* to whatever it was prior to the execution of it via whichever
> >interface was used to invoke it? That way, the clueless would only be
> >able to execute it via the interface, which would run it in a clean
> >environment and also protect the user from inadvertently running the
> >executable via any other means. If the user wants to run the program
> >through any other means, he would have to do the chmod +x himself,
> >leaving the situation no worse off than without these ideas implemented
> >in Nautilus...
> Wouldn't work well that way. What about the Ximian installer, or the
> RealPlayer installer?
> You could do a sandbox like Java so it'd pop up a warning when a program
> tried to overstep boundaries, but I don't think it would be worth the
> coding effort. User permissions are probably more that enough. (unless
> luser is running as root, then he can discover why you don't do
This is already coded, see subterfugue.org. It has even nice
These are rules for "normal" untrusted application:
# Generic configuration
# It is okay to read/write to any file, if user confirms that.
path ask read /
path ask write /
# Any world-readable files are okay, too
path allow_if_public read /
path allow write /dev/tty
path allow write /dev/null
path allow write /dev/zero
# We do not want to be asked about bash...
path deny write $HOME/.bash_history
# We do not want to receive warnings about bash accessing $MAIL
path deny read $MAIL
# It is okay to connect anywhere, if you ask, first
net ask connect *
# It is okay to talk over unix domain sockets
net allow connect Unix*
path allow write /tmp/delme
I'm pavel ucw cz "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents at discuss linmodems org
] [Thread Prev