Ed Leafe wrote: > On Jan 2, 2008, at 1:49 PM, Carl Karsten wrote: > >>> Sure, but he feels that that's completely unreasonable, and so he's going >>> to show us how it's possible to implement Web Update using distutils so >>> that a non-admin user can update Dabo when it's in a Python installation >>> under admin privs. >> no. >> >> I don't know what else to say, so re-read the thread. > > > From http://leafe.com/archives/showMsg/373768: - - - - - - - - - - - - - - - > - - - - - - - - - - - - - - - - - - - - "I think you are re-inventing the > wheel. "run an app as root" is not something everyone is going to accept. > Run the IDE as root is just as bad. This reeks of the "default user gets > Admin privs" that hunts Windows." - - - - - - - - - - - - - - - - - - - - - - > - - - - - - - - - - - - -
Looks like you don't understand what I mean by an app. I mean an app written in dabo. like the apps mentioned here: "2) Web updates: intended for those who are using the framework to develop their apps, or who are exploring/learning about Dabo." Those apps. or any of the Dabo GUI tools, which are also dabo apps. If you still don't get it, how about this: an app that is not normally run as root, because it does things that should not be done by root. I do not mean setup.py, easy_install, apt-get. If you want to call those apps too, let me know and I'll find a different term to keep things clear. And I am guessing you don't know why someone would desire such a thing, and maybe you even think this is my unique idea. I didn't come up with it. here are some examples: "Principle 4: Least privilege The principle of least privilege states that only the minimum access necessary to perform an operation should be granted, and that access should be granted only for the minimum amount of time necessary." http://www-128.ibm.com/developerworks/library/s-priv.html "Fundamentally, graphical toolkits must be large, and it's extremely unwise to place so much faith in the perfection of that much code, so there is no point in trying to make them do what should never be done." http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/minimize-privileges.html Not only do Dabo apps use graphical toolkits, but they are a mix of code from many sources, so the same concept applies. (and is outlined in that page, but I liked that quote the best.) I think you should read both of those pages. I am not suggesting that all of us need that level of protection, but A) it isn't a bad idea, and B) some of us do. Carl K _______________________________________________ Post Messages to: [email protected] Subscription Maintenance: http://leafe.com/mailman/listinfo/dabo-dev Searchable Archives: http://leafe.com/archives/search/dabo-dev This message: http://leafe.com/archives/byMID/dabo-dev/[EMAIL PROTECTED]
