Re: A small security feature proposition
- From: David Mohring <heretic ihug co nz>
- To: Grzegorz Staniak <gstaniak zagiel pl>
- Cc: gnome-list gnome org
- Subject: Re: A small security feature proposition
- Date: Sun, 04 Jun 2000 13:03:29 +1200
A more constrained approach would probably be better.
gnome-script - Safer XML scripting
Create a list of approved "external file" operations in the
same vain as the gnome mime file type list.
Each operation would have
a unique identifier,
a list of "security area group" groups to grant/deny access,
a script to check the parameters,
a shell/bonobo/file template to call the operation/access the file
and an optional template with the returned filename.
Embed the operations in the gnome xml documents by having the
gnome-script in XML with its own name space.
Non-destructive operations/files would have a "security area" of "any".
Grant/Deny embedded script access to other operations/files based on
having the required digital signature (see
http://www.w3.org/TR/xmldsig-core/) for the "security area group".
This way you could have active document scripting on a case by case
basis.
David Mohring - "Only you can prevent forest fires"
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]