Originally Posted by papangul
Ideally, there wouldn't be any restrictive licenses in this world that keep the software in those repos out of our main distribution.
Originally Posted by papangul
Ideally, there wouldn't be any restrictive licenses in this world that keep the software in those repos out of our main distribution.
Hopefully finer grained security such as SElinux will help the silly situation we are in at the moment with the archaic system of only installing from trusted sources, sounds exactly like Windows to me.
Any program I install should NOT be able to affect anything apart from itself, let alone require root that is just crazy. And even with user level access trashing my home dir is not acceptable either, much much finer control needed me thinks.
That sounds great!Originally Posted by stimpack
I thought about this yesterday, too. You can already run programs as a different user, and that user can have the rights to write nowhere.Originally Posted by stimpack
But it's still not a perfect solution. Giving out text editors that cannot edit files will not go over well. Or take music players; people will complain if a player doesn't support tag editing. You could have an additional system dialog asking for confirmation each time you edit a file, which will seem very tedious to users; or give it write acess to your entire music library, at which point it can delete them all.
The problem is that the only easy way to manage security risks would be a tcpa-like solution, and we certainly don't want that. But we can't force users to micromanage file access rights; they'd just run as root the whole time because it'll be more "user-freindly".
Bookmarks