From kde-core-devel Sat Jul 21 05:41:15 2001 From: Igor Gilitschenski Date: Sat, 21 Jul 2001 05:41:15 +0000 To: kde-core-devel Subject: Re: KDE Scripting Interface [2nd Try] X-MARC-Message: https://marc.info/?l=kde-core-devel&m=99577139109310 Hi, On Fri, Jul 20, 2001 at 10:45:08PM +0200, Martijn Klingens wrote: > Maybe asking for permission as soon as the file system, the shell and or > interprocess communication is involved? "This document tries to send email, > do you want to allow this?" makes more sense than "This document contains > macros, do you want to run them?". Sounds good, but we have to make sure, that the document is checked at the Start Up, because nobody wants to see 30 Times an warning message. Another Question would be self attaching viruses, therefor we would need, as you have mentioned a Digital Signature. > With for example digitally signing KOffice docs and maintaining a list of > signatures from trusted users it is then possible to allow the full power > within a company's lan, but still have security from 'alien' documents. > Although such a scheme means that once a trusted user is compromised he/she > is allowed to spread the code through the entire network then. Maybe better > would be to have a few simple ACLs like mayReadFiles, mayWriteFiles and > mayUseKMailIface stored on a per-doc or per-author basis on the user's > system, so a sysadmin can control very well what functionality the company > uses in its macros and what is to be considered malicious. So. I question wether we need an Unique signature and encription infrastructure. Igor -- "Die Wirklichkeit ist nicht die Wahrheit" - Realitaetspinzip, 1983, Erich Fried