"Name" key value in desk. entry spec collides with file names, could misguide users?

Josef Spillner spillner at kde.org
Sun Mar 20 16:59:03 EET 2005

Am Sonntag, 20. März 2005 15:04 schrieb Mike Hearn:
> This line of thinking is security-through-obnoxiousness and is just a
> variant on obscurity. It's not providing a real solution, it's just making
> it more awkward (not even harder, really) to do what you want to do.

The Linux capability model already provides a basic lock-down functionality. 
The problem is that as a user, you cannot say that you want to restrict file 
system access to say /tmp/mychroot. Only root can do this. This is flawed.

But I think such restrictions should indeed be possible, as today's users are 
already used to download scripts and run them (e.g. superkaramba), and 
implementing sandboxes in VMs is nice, but not as reliable and flexible.


More information about the xdg mailing list