[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: KDE Scripting Interface [2nd Try]
From:       Igor Gilitschenski <igi-g () gmx ! net>
Date:       2001-07-21 5:41:15
[Download RAW message or body]

Hi,

On Fri, Jul 20, 2001 at 10:45:08PM +0200, Martijn Klingens wrote:
> Maybe asking for permission as soon as the file system, the shell and or 
> interprocess communication is involved? "This document tries to send email, 
> do you want to allow this?" makes more sense than "This document contains 
> macros, do you want to run them?".
Sounds good, but we have to make sure, that the document is checked at
the Start Up, because nobody wants to see 30 Times an warning message.
Another Question would be self attaching viruses, therefor we would
need, as you have mentioned a Digital Signature.

> With for example digitally signing KOffice docs and maintaining a list of 
> signatures from trusted users it is then possible to allow the full power 
> within a company's lan, but still have security from 'alien' documents. 
> Although such a scheme means that once a trusted user is compromised he/she 
> is allowed to spread the code through the entire network then. Maybe better 
> would be to have a few simple ACLs like mayReadFiles, mayWriteFiles and 
> mayUseKMailIface stored on a per-doc or per-author basis on the user's 
> system, so a sysadmin can control very well what functionality the company 
> uses in its macros and what is to be considered malicious.
So. I question wether we need an Unique signature and encription
infrastructure.

Igor
-- 
"Die Wirklichkeit ist nicht die Wahrheit"
- Realitaetspinzip, 1983, Erich Fried

[prev in list] [next in list] [prev in thread] [next in thread]