Autostart and MAC security
bastian at kde.org
Sat Feb 25 02:42:09 EET 2006
Good point, I think the Portland project could come up with a command that
should be used to add things to the autostart folder. The issue is similar to
applications registering themselves as the default application for a certain
On Tuesday 21 February 2006 15:35, Mike Hearn wrote:
> One thing that's worth considering here is security - on Windows the
> ability for apps to register themselves as auto-startable in many
> different places has been an attack vector for malware.
> Right now Linux is in the same situation, you could make an app auto-start
> by abusing:
> - session management
> - various $HOME dotfiles (.xsession, .profile ?)
> - gnome/kde specific mechanisms for this
> - and now this spec
> It's legitimate for apps to auto-start themselves at login time, but it
> needs to be carefully controlled so apps cannot do it without the user
> Obviously if an app is installed as root via RPM or whatever then it's
> game over. But it's possible for malware to be installed via other routes:
> browser/email exploits, running saved attachments, whatever. And actually
> on Windows that's often what happens.
> Frameworks like SELinux or AppArmor can help prevent this - if only a
> certain program, say /usr/bin/register-autostart can write to
> ~/.config/autostart and no other programs run with regular user privs can,
> then this register-autostart program can pop up a GUI saying "Do you
> really want $XYZ program to auto-start? Yes/No" giving users a chance to
> veto this request. OK it may not help /much/ but it might help a bit.
> Adapting the spec to have this wouldn't be hard, just say that apps
> are not allowed to write directly to ~/.config/autostart, and that if they
> wish to register/unregister autostart after the fact (from their prefs
> window for instance) they must do it via a command line app.
> Anyway it's worth considering this sort of approach for future specs as
> well. Routing configuration tasks via a program could help fend off
> malware in future.
> thanks -mike
> xdg mailing list
> xdg at lists.freedesktop.org
Linux Client Architect - Channel Platform Solutions Group - Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/xdg/attachments/20060224/3f040251/attachment.pgp
More information about the xdg