On Tuesday 23 February 2010, Timo Juhani Lindfors wrote: > Rui Miguel Silva Seabra <[email protected]> writes: > > Everything should be run as the user. Using dbus should be enough for > > getting the priviledged stuff done at FSO level. > > Note that running as a normal user might not limit your privileges > that much on openmoko: > > #2321 any user can run wmiconfig -i eth0 --power maxperf > http://docs.openmoko.org/trac/ticket//2321
It does make it harder to install a rootkit though, and without a rootkit the actions and the malware remain detectable. It has been noted before that most of the things we care about on a phone are things the user has to have access to. What we want is a permission system that limits access to resources by application, not just by user. _______________________________________________ Openmoko community mailing list [email protected] http://lists.openmoko.org/mailman/listinfo/community
