A common VFS and a Common conf-system [Part II]
alexl at redhat.com
Thu Mar 3 19:00:40 EET 2005
On Thu, 2005-03-03 at 09:03 -0500, Sean Middleditch wrote:
> I would argue then that the daemon can forward the information about the
> process to the keyring, or that they keyring can tie in better to the
> daemon. My plan was to make the daemon talk to an external helper over
> D-BUS (or a more direct protocol if necessary for security - haven't
> looked at that in depth yet), so gnome could provide such a helper that
> used the keyring. Making sure that the actual applications never touch
> the authentication information is something I'm rather keen on - it
> really can eliminate an entire class of security holes and information
There are some interaction issues with this btw. For instance, it makes
the authentication window not be related to the window causing the i/o.
This can cause problems with window manager behaviour.
There can also be problems with authentication dialogs in modal dialogs.
I know we had some problems with that in gnome-vfs, although it might
not be as much of a problem with authentication dialogs opened from
another process though.
Alexander Larsson Red Hat, Inc
alexl at redhat.com alla at lysator.liu.se
He's a Nobel prize-winning sweet-toothed sorceror moving from town to town,
helping folk in trouble. She's a supernatural winged widow married to the Mob.
They fight crime!
More information about the xdg