On Mon, 2006-02-27 at 16:47 +0100, Francois Gouget wrote: > Hmm, this would only work if you use SE-Linux and would only prevent one > way for applications to auto-start when there are dozens other ways to > achieve the same effect (you missed hacking the StartMenus, the Desktop > icons, XDG/Mailcap/KDE/Gnome MIME associations, hacking $PATH, etc).
Well, the idea is that long term programs would not be able to modify config files at all unless explicitly authorized (by the operating system developers). So Wine should not be able to modify the ~/.firefox and vice-versa. MAC security is usually based on the idea of denying everything, then selectively allowing certain actions. Also SELinux is not the only such framework, there is also AppArmor and PAX on Linux, Core Force on Windows ... > It's worse than that. As soon as you run any untrusted piece of code, > even in your account, it is game over for your account. Today, yes, but I think one long term aim should be to change that. Users clearly _do_ run less trustworthy code in their accounts all the time, because there's no real way to determine if a program is "evil" or not ahead of time. It's possible to make an OS robust against this reality, so we may as well start evolving Linux in this direction now ... thanks -mike _______________________________________________ xdg mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/xdg
