[wuug-list] [wuug-forum] ezod: Standalone WM, anyone?

Matt Draisey matt at draisey.ca
Tue Jan 22 10:41:52 PST 2008


On Tue, 2008-01-22 at 06:32 -0500, Matthew Johnston wrote:
> I love the KDE backend (dcop, kio-slaves, et al.); I am a little
> worried that it might provide an avenue for malware in the future a-la
> Windows.

I don't see it.

Unix security mechanisms, the filesystem and these newer service daemons
work well at preventing privilege escalations and protecting the OS and
users from other malicious users on a multiuser system.  But Unix does
absolutely nothing to protect a user from himself, and KDE doesn't make
that situation any worse than it already is.

Web browsers, HTML email user agents and even word processors can run
scripts that need to be sandboxed.  Writing that kind of code is hard
work and equivalent in complexity to the core Unix security mechanisms
themselves.  In that respect we are in no better shape than a Windows
user running Firefox, Thunderbird and OpenOffice.

I wish the kernel would provide a standard sandboxing framework for
working with untrusted data and scripts.  Nobody is going to chroot
their web browser or run it under a completely separate user account ---
that's all we have available now.

Matt
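The "completely separate user account" fallback the message mentions, written out as an added example that is not part of the original post: a small POSIX shell wrapper that launches an untrusted X program (a web browser, say) as a dedicated low-privilege account. The account name `webjail`, the function names and the sudo/xhost setup are assumptions; the account must already exist (created beforehand with something like `useradd -m webjail`) and sudo must allow the caller to run commands as it.

```shell
#!/bin/sh
# Added example, not code from the original post or from KDE.
# Launch an untrusted X program under a dedicated unprivileged account.
# Assumptions: the account named in JAIL_USER exists (default "webjail"),
# sudo lets the caller run commands as it, and the X server honours
# xhost SI:localuser entries.

JAIL_USER="${JAIL_USER:-webjail}"

# Compose the launch command as one line. The environment is cleared with
# `env -i` so the caller's HOME, XAUTHORITY, SSH_AUTH_SOCK and friends do
# not leak into the jailed process; only DISPLAY, a HOME owned by the jail
# account and a minimal PATH are passed through.
jail_cmdline() {
    user="$1"; display="$2"; shift 2
    printf 'sudo -u %s -H env -i DISPLAY=%s HOME=/home/%s PATH=/usr/bin:/bin %s' \
        "$user" "$display" "$user" "$*"
}

# The jail account must exist and must not be the caller: running a
# program "as yourself" gives no isolation whatsoever.
jail_user_ok() {
    uid=$(id -u "$1" 2>/dev/null) || return 1
    [ "$uid" != "$(id -u)" ]
}

# Allow only that local account to connect to the X server for this
# session. Never `xhost +`, which opens the display to every client.
jail_x_allow() {
    xhost "+SI:localuser:$1" >/dev/null
}

# Launch the program; with DRY_RUN set, just print what would run.
jail_run() {
    if ! jail_user_ok "$JAIL_USER"; then
        echo "no usable jail account: $JAIL_USER" >&2
        return 1
    fi
    cmd=$(jail_cmdline "$JAIL_USER" "${DISPLAY:-:0}" "$@")
    if [ -n "$DRY_RUN" ]; then
        echo "$cmd"
        return 0
    fi
    jail_x_allow "$JAIL_USER" && eval "$cmd"
}

# Usage, once the account and sudo rule exist:
#   DRY_RUN=1 ./jail.sh firefox        (show the command)
#   ./jail.sh firefox                  (launch)
# (uncomment to run as a script rather than source it)
# jail_run "$@"
```

This buys exactly what the message says it buys and no more: the browser can no longer read or write the caller's files. It does not isolate the display. Every client on the same X server can snoop keystrokes and window contents of the others, so a compromised jailed browser is still a working keylogger for the real desktop session, and the sudo rule itself is one more thing to get right.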
