On Mon, Oct 31, 2005 at 10:19:47PM -0500, Jonathan S. Shapiro wrote: > On Mon, 2005-10-31 at 19:41 -0700, Christopher Nelson wrote: > > > 1) How does an administrator help a user fix a misbehaving session (i.e. > > > if a malicious program finds some way to take over a user's session by > > > doing something like take focus any time the user moves the mouse) if > > > they can't interact with the user's session?
A normal application should not have the right to move windows. It may have the right to ask the window manager to do that. The window manager must be trusted by the user. The user should be able to tell the window manager "don't accept any requests from windows to be moved", and then it will do that. This is a situation which is unlikely to be useful anyway: windows moving themselves. It is allowed in X, but is it ever useful? Just like screen grabbing, I'd make it possible only if the user explicitly allowed it. Shapiro will probably consider this another example of something which shouldn't be made possible at all. :-) In case things go really bad, for example the window manager is cracked, there should be a layer on top of it: the system menu. The system menu should at least allow to detach a session and attach some other session. It may also provide some means to rescue your session. To enter it, some hardware needs to be reserved. As Shapiro pointed out previously, this hardware exists: the "system request" key combination (alt-print screen on my machine). The keyboard driver must make sure that this key combination will always bring up the system menu, and that it cannot be handled by a (potentially hostile) application. > > Same way you do it on a Windows system: reboot. ;-) We implement all the good features of all OSs we know. ;-) > Doesn't work in a persistent system. There you go. I just asked for a problem with persistence in a previous e-mail, and now I've found it. :-) Next question: Is this a problem? I think not... Thanks, Bas -- I encourage people to send encrypted e-mail (see http://www.gnupg.org). If you have problems reading my e-mail, use a better reader. Please send the central message of e-mails as plain text in the message body, not as HTML and definitely not as MS Word. Please do not use the MS Word format for attachments either. For more information, see http://129.125.47.90/e-mail.html
signature.asc
Description: Digital signature
_______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
