A common VFS and a Common conf-system [Part II]
Alexander Larsson
alexl at redhat.com
Thu Mar 3 16:57:02 EET 2005
On Thu, 2005-03-03 at 09:03 -0500, Sean Middleditch wrote:
>
> I would argue then that the daemon can forward the information about
> the process to the keyring, or that they keyring can tie in better to
> the daemon. My plan was to make the daemon talk to an external helper
> over D-BUS (or a more direct protocol if necessary for security -
> haven't looked at that in depth yet), so gnome could provide such a
> helper that used the keyring. Making sure that the actual
> applications never touch the authentication information is something
> I'm rather keen on - it really can eliminate an entire class of
> security holes and information leaks.
There are things you can't easily forward though, such as a selinux
contexts.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Alexander Larsson Red Hat, Inc
alexl at redhat.com alla at lysator.liu.se
He's a leather-clad chivalrous vagrant with a secret. She's a tortured psychic
wrestler with a knack for trouble. They fight crime!
More information about the xdg
mailing list