Re: gnome-keyring enhancement proposal

From: Erik Grinaker <erikg wired-networks net>
To: "desktop-devel-list gnome org" <desktop-devel-list gnome org>
Subject: Re: gnome-keyring enhancement proposal
Date: Tue, 13 Apr 2004 20:26:03 +0200

On Tue, 2004-04-13 at 16:34, Sean Middleditch wrote:
> On Tue, 2004-04-13 at 10:23, Erik Grinaker wrote:
> 
> > Yes, this would of course need to be weighed against security
> > considerations - for example by using a timeout, so that once you enter
> 
> I may be pedantic about this, but security always wins.  We don't want
> to do the Microsoft method of security - hide it away behind simplicity
> - and screw users over.  Something closer to Mac OS X approach to
> security - make it *easy* but still there and working hard - would be
> much more appropriate.  Password dialogs for every administration tool
> (which, honestly, are *not* that commonly run) are good things.  We want
> those dialogs to make sense, to explain what they're doing, why they're
> doing it, provide tons of help, and of course reduce the need to run
> things with enhanced privileges at all, but those actions still need to
> keep the user in the loop and ensure that only actions the user
> wants/need are done.
> 
> > the root password, you can launch apps as root for ten minutes or
> > something. You would still need to explicitly start programs as root,
> > just don't re-enter the password.
> 
> I don't particularly agree, because that still leaves a 10 minute window
> for the problem when all a virus needs is a half second.  (or less,
> really.)

When it comes to granting root privileges, security of course needs to
be a primary concern - I'm just convinced there should be some way to
solve this and still keep the system secure. But I may be totally off
track here...

In any case, it would at least be nice if one could easily start
programs as other users, even if one had to re-enter the password every
time. In that case this becomes completely unrelated to gnome-keyring,
but still...


-- 
Erik Grinaker <erikg wired-networks net>
http://erikg.wired-networks.net/

"We act as though comfort and luxury were the chief requirements of
life, when all that we need to make us happy is something to be
enthusiastic about."
                                                      -- Albert Einstein

Follow-Ups:
- Re: gnome-keyring enhancement proposal
  - From: Sean Middleditch
- Re: gnome-keyring enhancement proposal
  - From: Manuel Amador (Rudd-O)

References:
- gnome-keyring enhancement proposal
  - From: Erik Grinaker
- Re: gnome-keyring enhancement proposal
  - From: Alexander Larsson
- Re: gnome-keyring enhancement proposal
  - From: Erik Grinaker
- Re: gnome-keyring enhancement proposal
  - From: Sean Middleditch
- Re: gnome-keyring enhancement proposal
  - From: Erik Grinaker
- Re: gnome-keyring enhancement proposal
  - From: Sean Middleditch

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]