[Authentication] Application-specific keys
Stef Walter
stefw at gnome.org
Mon Sep 20 18:40:05 PDT 2010
On 2010-09-18 11:14, Anders Rundgren wrote:
> Hi,
> I have not read the spec. so maybe the answer is there.
>
> Anyway, I want to be able to provision a key and at the same time be able
> to define what applications that have the right to use them. The
> enforcement
> must of course be the OS.
The Secret Service spec allows for this to be implement it but does not
enforce it.
> My question is really only if you have thought about this and how you
> identify
> applications?
That's the big rub. As far as I know there's really no way to identify
where one application ends and another one starts on the linux desktop.
Libraries, settings files, python scripts, schemas, are all littered and
shared all over. This makes for a wonderfully tweakable desktop and
rapid development, but it's really hard to make security guarantees.
Cheers,
Stef
More information about the Authentication
mailing list