Re: gsu (Was Re: More Political Stuff)

From: Preben Randhol <randhol pvv org>
To: James Henstridge <james daa com au>
Cc: ERDI Gergo <cactus telnet hu>, Ali Abdin <aliabdin aucegypt edu>,Havoc Pennington <hp redhat com>, Kjartan Maraas <kmaraas online no>,GNOME development <gnome-devel-list gnome org>
Subject: Re: gsu (Was Re: More Political Stuff)
Date: Tue, 29 Aug 2000 07:55:16 +0200

James Henstridge <james@daa.com.au> wrote on 29/08/2000 (07:49) :
> I think that previously decided that this problem wasn't worth worrying
> about.  Since if you can sneak in a rouge theme like this, you could
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- An (ignorant) user can run a program gotten off the web that modifies
  the theme without knowing it.

- Local exploits from other programs might be used.

- An (ignorant) user can download the super-cool-theme from the web and
  use it without realising that it isn't safe.

Remember that the average user is hers/his own sys.adm without the
knowledge of a sys.adm.

> probably connect to the person's X server anyway, and sniff arbitrary
> events.  Making a special case for the gsu gui would not really help at
> all.

Isn't gsu a special case?

-- 
Preben Randhol - Ph.D student - http://www.pvv.org/~randhol/
"i too once thought that when proved wrong that i lost somehow"
                               - i was hoping, alanis morisette

References:
- Re: gsu (Was Re: More Political Stuff)
  - From: Preben Randhol
- Re: gsu (Was Re: More Political Stuff)
  - From: James Henstridge

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]