[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KDE Scripting Interface [2nd Try]
From:       Thomas Zander <zander () planescape ! com>
Date:       2001-07-19 19:27:58
[Download RAW message or body]


On Thu, Jul 19, 2001 at 10:21:50AM +0200, Ralf Nolden wrote:
> 
> The requirement of the definition of the security levels are IMHO
> a) forbid any dcop calls (results in a lot of KDE default functionality
> not working anymore)
> b) security per program (only allow allowed programs to execute dcop
> calls they receive)

GUI:
  The script failed because it tried to access something that might 
  compromise your security!

User:
  Then open up security, I want it to work!


This is a GUI, people want to get things done, and adding security to 
something as low-level as DCOP will severely damage the usability of
KDE as a whole.

Your example with firewalls is actually a good one, at the firewall is 
where it gets in.

Don't secure the sewers in town, just the walls surrounding it.

-- 
Thomas Zander                                            zander@earthling.net
The only thing worse than failure is the fear of trying something new

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]