[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: One Way to Increase KDE security
From: Dave Feustel <dfeustel () mindspring ! com>
Date: 2005-12-27 13:35:12
Message-ID: 200512270835.13146.dfeustel () mindspring ! com
[Download RAW message or body]
On Tuesday 27 December 2005 06:19, David Faure wrote:
> On Tuesday 27 December 2005 03:05, Dave Feustel wrote:
> > Delete all kde/Xorg sockets in /tmp everytime KDE exits.
>
> Can you please stop making up facts about "security" every day on this list?
> It wouldn't be so annoying if it actually made sense...
I didn't make this up. I have seen (network) sockets created that had no obvious
connection to anything I was running on my computer. I now routinely delete
those sockets as soon as I see them, with no detectable ill effects whatsoever
on my system. The only problem this causes is that restarting DCOP while kde is
running doesn't always work after deleting all the files in /tmp and /home/daf/Tmp.
Restarting kde does (usually) fix DCOP. This is good design by kde developers. I
have been crashing kde regularly to restore functionality that suddenly stops
working (presumably because of hacking), and kde recovers very well.
I am impressed. (Windows was not quite so robust when I was using that os).
I am pretty sure that DCOP is part of the security problem in KDE, although
I think the big problems are that P-Grant-Pty is not properly ported to OpenBSD
by the OpenBSD developers and that the socket /tmp/.ICE-unix/X0 is created by
Xorg with world rw permissions. I chmod the permissions first thing when I
start kde and it causes me no problems, so it seems like a good idea.
I strongly recommend that KDE delete all temporary files, including sockets,
every time kde shuts down. I do this now even during the kde session if I
suddenly start having problems.
I also would like an option for kde's forgetting about sessions at shutdown.
IE kde starts with no remembered sessions each time it restarts.
I would also like to be able to increase the amount of information reported
in error messages. I get a lot of error messages when I crash kde and I infer
things from the nature of the errors reported. More info would help me
distinguish between proper and improper activity. This is easy for me since my
computer is a single-user system and all messages should be related to things
*I* am doing on the system.
Dave Feustel
--
Lose, v., experience a loss, get rid of, "lose the weight"
Loose, adj., not tight, let go, free, "loose clothing"
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic