Privacy (su UID value in desktop entry standard)
George
jirka at 5z.com
Fri Mar 19 19:36:22 EET 2004
On Fri, Mar 19, 2004 at 09:22:11AM -0600, Linas Vepstas wrote:
> > Alternatively he just fires up the desired app.
> >
> > Mail, bookkeeping programs etc. can be installed "asking for
> > authentication" (install script will have set up a desktop entry with
> > "prompt-for-run-as-username")
> > Other apps can also be right-clicked and be "run as..." And of course the
> > property to "allways run as ..." is there so just the password without extra
> > username is asked.
I think it should be noted here that user switching within one particular
session IS NOT SECURE. If you are logging in from a users login which you
don't completely trust (such as "guest" or whatnot), you shouldn't enter a
password as that can be sniffed since the "guest" has full access to the
display. I think if such a feature would get popular (here thinking we'd be
as popular as windows) and used (say to lock out children from something, or
whatnot), you'd get also software that sniffs for passwords.
I think I heard something about some sort of X windows where windows have
different trust levels or whatnot and we'd need that. Other then that, fast
user switching should be done by a separate X server. It is not that
complicated if a little more work is done on the interface there, and more
work goes into X perhaps to make it play nice with more then one X server (if
anyone says it does play nice now, I'll beat him with a long stick while
shouting obscene things in czech). At best it could be described as
'semi-workable' now. The fact that with certain videocards you get crashes
with this, that you don't get 3D acceleration on more then one display (that
sucks for fast user switching on a gaming machine), and in general all the
fun possible races you get out of running two X servers.
George
--
George <jirka at 5z.com>
Examine what is said, not who speaks.
-- Arabian Proverb
More information about the xdg
mailing list