On Tue, Apr 29, 2008 at 2:34 PM, Michael Stone <[EMAIL PROTECTED]> wrote:
> On Tue, Apr 29, 2008 at 02:15:54PM -0400, Paul Fox wrote:
> > michael wrote:
> > > Personally, I have found extensible autostart mechanisms which process
> > > third-party data to be more useful to trojan authors than to users so
> > > I'm mildly inclined to consider such mechanisms to be misfeatures
> >
> > really? i'm not sure where the "third-party" data comes into it. i
> > suppose with browse, maybe, but my .xsession has started two xterms on
> > my desktop for many years, and i've never considered it a security
> > issue. just a time-saver.
>
> Depends. Any software you run can write to your .xsession, yes?
> Afterward, will you really notice an extra instance of 'bash', or
> 'kdmgd', or some other nonsense running in the background, capturing all
> your keystrokes, aliasing 'sudo', running 'xauth ++', setting up a
> spambot, or querying an IRC server for recent local root exploits?
>
> Actually, an even more compelling demonstration of the problem comes
> from the Windows world. Consider the Windows 'Start' directory, the
> Windows registry hives which list both autostarted "user programs" and
> "services", automatically loaded drivers, corruption of Word's
> normal.dot template, and Windows' tendency to automatically run software
> that it locates on data CDs. I have seen every single one of these
> mechanisms used to cause substantial mischief. All of them amount to an
> automatic "run this software" API. Often, there are ways to have the
> software run silently, run in a fashion that users are unable to kill,
> run steganographically, etc. As I said - in my honest opinion, it's a
> misfeature rather than a feature.
>
> "Third party" comes into it because parsing untrusted data is such a
> dangerous operation, particularly when the parsers are written in a
> non-memory-safe language (as most of them are, "for performance"). For
> this reason, both the Journal and Telepathy really scare me because they
> run automatically and parse data from lots of third party sources.
>
> > > Also, where does hibernation fit in your taxonomy?
> >
> > i'd think that's pretty different -- coming out of hibernation
> > should leave the system exactly as it was when it went in.
> > (unless i'm misunderstanding.)
>
> You understood correctly. It has been previously proposed that we should
> (more or less) always hibernate. I was curious if you had thought about
> the resulting system.

Interesting. To clarify for myself, you're actually asking "what if a normal reboot was treated as though it were hibernation, such that the next time the laptop boots I find myself where I left off?"

On one hand, this sounds like a fantastic idea. On the other hand, it could be that I rebooted specifically to get myself out of some bad state, in which case I might not want it to relaunch 5 activities which are going to bring the system to a crawl upon booting. (But maybe I misunderstood you...)

Something that is certainly much more valid is to hibernate in the battery-dies case. In other words, if the battery reaches a critically low state and the computer needs to turn off, it should allow enough time to hibernate such that the full state can be recovered when a power cable, or a new battery. That I am a strong advocate for.

- Eben
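
An added example, not part of the thread: since any software a user runs can write to .xsession, one defensive check is to baseline the per-user autostart files and report later changes, along with the 'aliasing sudo' case the thread mentions. The file list, the baseline path and the function names are assumptions made for this example.

```python
import hashlib, json, re
from pathlib import Path

# Per-user autostart locations (assumed list; extend for your desktop environment).
AUTOSTART = [".xsession", ".xinitrc", ".xprofile", ".profile", ".bashrc",
             ".config/autostart/*.desktop"]
# The thread's "aliasing 'sudo'" case: an alias or shell function named sudo.
SUDO_SHADOW = re.compile(r"^\s*(alias\s+sudo=|function\s+sudo\b|sudo\s*\(\))", re.M)

def autostart_files(home):
    """Yield (relative name, Path) for every autostart file that exists."""
    home = Path(home)
    for pattern in AUTOSTART:
        for p in sorted(home.glob(pattern)):
            if p.is_file():
                yield str(p.relative_to(home)), p

def snapshot(home):
    """Map each existing autostart file to the SHA-256 of its contents."""
    return {name: hashlib.sha256(p.read_bytes()).hexdigest()
            for name, p in autostart_files(home)}

def diff(baseline, current):
    """Return the files added, removed or modified since the baseline."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "modified": sorted(f for f in set(baseline) & set(current)
                           if baseline[f] != current[f]),
    }

def sudo_shadowed(home):
    """List autostart files that define an alias or function named sudo."""
    return [name for name, p in autostart_files(home)
            if SUDO_SHADOW.search(p.read_text(errors="replace"))]

if __name__ == "__main__":
    home = Path.home()
    base = home / ".autostart-baseline.json"  # hypothetical baseline location
    now = snapshot(home)
    if base.exists():
        print(json.dumps(diff(json.loads(base.read_text()), now), indent=2))
        print("sudo shadowed in:", sudo_shadowed(home))
    else:
        base.write_text(json.dumps(now, indent=2))
        print("baseline written:", base)
```

A baseline kept in the home directory can be rewritten by the same software that edits .xsession, so in practice store it where the user's own processes cannot write.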

