Re: [Usability] Content Separation in GNOME
- From: Alan Horkan <horkana maths tcd ie>
- To: Ivan Gyurdiev <ivg2 cornell edu>
- Cc: usability gnome org, sds tycho nsa gov
- Subject: Re: [Usability] Content Separation in GNOME
- Date: Mon, 4 Apr 2005 02:34:10 +0100 (BST)
On Sun, 3 Apr 2005, Ivan Gyurdiev wrote:
> Date: Sun, 03 Apr 2005 18:12:52 -0400
> From: Ivan Gyurdiev <ivg2 cornell edu>
> To: usability gnome org
> Cc: sds tycho nsa gov
> Subject: [Usability] Content Separation in GNOME
> I have no idea what the right mailing list is to post this message -
> there are hundreds of them on GNOME's website, and I'm confused.
> In any case, my proposal is related to Usability, so I decided to
> email here.
Thank you for mailing one list at a time, so many people dont know which
list to choose and make the mistake of choosing lots of them.
> I'm helping improve the Fedora SElinux implementation, and I'm
> particularly interested in "desktop" applications, and how they might be
> confined to minimum privilege by future security policies.
> Currently applications such as sound-juicer, abiword, gnumeric, etc..
> require full read/write access to the user's /home directory.
> This is bad for security, because the /home directory contains
> all kinds of important settings for applications, mixed-content
> documents, and things downloaded from the Internet, which may contain
> hostile content.
> I would like to propose introducing content folders to GNOME, similar to
> Windows' "My Documents", "My Music", etc.. this will improve usability
Some distributions have already done this. I want to smack them really
hard with a wet fish for using that annoying "My " prefix in front of
> by creating a structure where the user can organize his or her
> documents, as opposed to storing everything in /home. This will
> improve security by allowing us to label such folders with
> individual security context, and only allow applications to
> read/write to that particular context.
> I proposed the following as a first draft to NSA-list, but the concept
> is important, not the exact folders - I'm sure you can figure out a
> better scheme:
I've suggested this (I'm "Alan Horkan", "a few default folders" was
roughly what i think I called my suggestion) or to the Desktop devel list
several times and Marc O'Morain brought it up again a while back and
others have probably suggested it too. Please search the archives. If I
have time I'll try and dig them up later but you should be able to find
them without too much trouble (using Google site:mail.gnome.org always
helps me search those archives).
Some users have their home directory set as their desktop and while I'd
like to call them rude names and ignore them for being so weird that
doesn't seem to be an option. They would not be impressed if you added
yet another folder to their beloved home directories.
(I'm grossly over simplifying because I'm in a hurry but) The solution I
thought was most promising was to have:
and various subfolders of that.
(Some people *cough* developers *cough* have difficulty getting their head
round all users files even non office related files, things like movies
and mp3s being refferred to as documents. From what I understand though
Gnome is supposed to be "document based" as opposed to say "task based"
> This proposal does not apply strictly to GNOME, but to other Desktop
> environments as well, although I haven't thought about integration in
> other environments...
This sounds very interesting, sounds like a good idea and if it can
provide added security without crippling users I really hope it will work
There are various questions people will try and trip you up with and if
you can work out answers from the past discussions and have responses
ready for them you will be more likely to make progress on this.
I really must go but I will try and provide you more information later in
Open Clip Art http://OpenClipArt.org
Alan's Diary http://advogato.org/person/AlanHorkan/
] [Thread Prev