Re: Extending the GNOME system (ideal)

["David T. Bath" <bathd edipost auspost com au>]

Alan wrote:
> 
> > > [snippage]
 > > Nautilus pretty much does this type of thing. It doesn't take care of one
> > > compound document with a bunch of objects inside, but that is really
> > > impossible to do in a generic manner. The "MS Word inside MSIE" example
> > > would work fine with Nautilus, though.

I might be missing something here, and apologise for not having gone totally
through the bonobo docs. Using Nautilus and embedded documents as an example,
(but please consider the more generic cases), and given the ability to point to
URLs, are we not opening ourselves up to the same problems that beset users
opening malicious documents from MSIE/MSOutlook, etc?

Of course, *we* would never write such documents, but malicious monkeys from
the evil empire would certainly not be discouraged by the wicked witch of the
west from writing gnome documents that cause mayhem when opened inside
bonobo containers.

Are there easy-for-dreg-users (who tend to open docs regardless without due
care) methods to set up policies, run documents from other non-trusted
domains in jails?  Maybe not now, but planned?  It would probably be a
good idea to put such policy settings as low down as possible (i.e. not
rely on each app to honor the policy, but in the library that does the
opening.)

I know this is a tremendously difficult issue, that I am too dumb to figure
out HOW to do it, but I do know that these things are commercially important.
(Well they *should* be)

Besides, running Linux or other unixes, I know I have been relatively safe
from documents written by evil monkeys.  I'd hate to lose that.

Perhaps it is best to address these issues before the genie is out of the
bottle, people getting hurt by malicious monkey documents, and we all
get a reputation for being slack on security.

Regards to you all
David
-- 
David T. Bath bathd edipost auspost com au
+613 9204 8713 (W) 0418 316 634 (Mbl)