On Tue, 2013-08-13 at 08:18 +0000, Laako, Jussi wrote: > > Which is not a normal Linux desktop, is it? > > Isn't it? At least it's like openSUSE or Ubuntu. Only Windows users > tend to use their computer as admin. > > As long as you 1) use SMACK/SELinux/AppArmor correctly configured > and/or 2) run gsignond as some other user id both the API access and > the database are protected.
That's the key point: is any Linux desktop set up to protect the signon database like that? I don't doubt that it is doable, I'm just wondering whether it is done. If it is, great, then access control is worth it. If not, then it adds no additional security and just makes the system less usable (can't use valgrind, can't use my self-compiled binary unless I install it). -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. _______________________________________________ SyncEvolution mailing list [email protected] https://lists.syncevolution.org/mailman/listinfo/syncevolution
