[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Outstanding critical issue for KDE 2.2
From:       Rolf Magnus <ramagnus () zvw ! de>
Date:       2001-08-02 21:43:25
[Download RAW message or body]

On Wednesday 01 August 2001 23:32, Neil Stevens wrote:


> So disable something potentially useful, for the 5% or whatever of people
> using KDE in multiuser environments?  This isn't a "security" problem for
> a single-user desktop.

So you don't want to disable something potentially dangerous, just for the 5% 
or whatever of people that are too lazy to type in their credit card number 
more than once?
KDE and Unix is a multiuser environment, and as such, it _must_ provide 
enough security for both muti-user and single-user desktos.
And someone could still break into your house and get that data because it's 
unencrypted on your disk. Or think about a virus that gets your 
autocompletion history and sends it to a server over the Internet.

> OK, I made up that number.  But the relative number of multiuser vs
> singleuser KDE installs should determine what case we optimize for.

Please, don't treat security as something unimportant that can be ignored for 
convenience. Microsoft does this, and it's the reason why I haven't done 
anything in the Internet under Windoze for the last two years. It's just too 
insecure.

-- 
2 hours? Boy, that's way too old. You should use a more recent version.
(Waldo Bastian about a copile error in a 2 hours old CVS version of KDE)

[prev in list] [next in list] [prev in thread] [next in thread]