[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Making kwallet more secure
From:       Oswald Buddenhagen <ossi () kde ! org>
Date:       2008-08-23 14:39:18
Message-ID: 20080823143918.GA30334 () ugly ! local
[Download RAW message or body]

On Sat, Aug 23, 2008 at 12:21:47PM +0200, Michael Leupold wrote:
> - Can I trust the information about the caller that's provided on
> receiving a message? If so I could use the interfaces to figure out
> the caller's PID and get more information to present to the user. I
> could also set ACLs based on the caller's path.
> 
even if you could trust this information, it would be completely
useless: one user's processes can interfere with each other to their
liking. that's why i told you that any such security model is worthless
unless you integrate it with SE linux or some other sandboxing solution
(and it is actually deployed by the user, which won't be the case for
the vast majority of desktop users).

-- 
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
Confusion, chaos, panic - my work here is done.
[prev in list] [next in list] [prev in thread] [next in thread]