Re: gsu (Was Re: More Political Stuff)



James Henstridge <james@daa.com.au> wrote on 29/08/2000 (07:49) :
> I think that previously decided that this problem wasn't worth worrying
> about.  Since if you can sneak in a rouge theme like this, you could
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

- An (ignorant) user can run a program gotten off the web that modifies
  the theme without knowing it.

- Local exploits from other programs might be used.

- An (ignorant) user can download the super-cool-theme from the web and
  use it without realising that it isn't safe.

Remember that the average user is hers/his own sys.adm without the
knowledge of a sys.adm.

> probably connect to the person's X server anyway, and sniff arbitrary
> events.  Making a special case for the gsu gui would not really help at
> all.

Isn't gsu a special case?

-- 
Preben Randhol - Ph.D student - http://www.pvv.org/~randhol/
"i too once thought that when proved wrong that i lost somehow"
                               - i was hoping, alanis morisette





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]