Autostart and MAC security
Francois Gouget
fgouget at codeweavers.com
Mon Feb 27 21:03:59 EET 2006
Mike Hearn wrote:
[...]
>>It's worse than that. As soon as you run any untrusted piece of code,
>>even in your account, it is game over for your account.
>
> Today, yes, but I think one long term aim should be to change that.
> Users clearly _do_ run less trustworthy code in their accounts all the
> time, because there's no real way to determine if a program is "evil" or
> not ahead of time. It's possible to make an OS robust against this
> reality, so we may as well start evolving Linux in this direction
> now ...

So your plan is to have ~/.config/autostart be locked down such that all
of the following commands fail?

    cp foo.desktop ~/.config/autostart
    cat foo.desktop >~/.config/autostart/foo.desktop
    rm ~/.config/autostart/foo.desktop
    rm -rf ~/.config

Frankly I would not want to use a system where standard commands such as
cp, rm and cat are crippled in such a way. Though if the shell gives me
a way to locally turn this feature off for all child processes it may be ok.

Anyway, if going through a register-autostart tool is to be made
mandatory, it should at least provide the following functionality:

 * add an entry
   Example: register-autostart --add foo.desktop
 * remove an entry
   Example: register-autostart --del foo.desktop
 * get a list of the entries and return their full path so an
   application can read them
   Example: register-autostart --list
            /home/user/.config/autostart/foo.desktop
            /home/user/.config/autostart/bar.desktop

--
Francois Gouget
fgouget at codeweavers.com
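
Added example, not part of the original message and not an existing XDG tool: a shell implementation of the register-autostart interface listed above (--add, --del, --list). The function names, the entry-name validation, the symlink refusal and the use of XDG_CONFIG_HOME are assumptions; the MAC policy that would make the tool the only writer of the directory is outside its scope.

```shell
#!/bin/sh
# Hypothetical register-autostart: the three operations from the message.

# Directory from the message; honouring XDG_CONFIG_HOME is an assumption.
autostart_dir() {
    printf '%s\n' "${XDG_CONFIG_HOME:-$HOME/.config}/autostart"
}

# Accept only a plain "name.desktop": no path separators, no leading dot or dash.
valid_name() {
    case "$1" in
        */*|.*|-*|'') return 1 ;;
        *.desktop)    return 0 ;;
        *)            return 1 ;;
    esac
}

register_autostart() {
    dir=$(autostart_dir)
    case "$1" in
        --add)
            src=$2
            name=$(basename -- "$src")
            valid_name "$name" || { echo "invalid entry name: $name" >&2; return 2; }
            # Register regular files only; a symlink could be retargeted later.
            [ -f "$src" ] && [ ! -L "$src" ] || { echo "not a regular file: $src" >&2; return 2; }
            mkdir -p -- "$dir" || return 1
            # Copy to a temp file, then rename, so readers never see a partial entry.
            tmp=$(mktemp "$dir/.tmp.XXXXXX") || return 1
            cp -- "$src" "$tmp" && mv -f -- "$tmp" "$dir/$name" || { rm -f -- "$tmp"; return 1; }
            ;;
        --del)
            # Validation keeps "--del ../x" from reaching outside the directory.
            valid_name "$2" || { echo "invalid entry name: $2" >&2; return 2; }
            [ -e "$dir/$2" ] || [ -L "$dir/$2" ] || { echo "no such entry: $2" >&2; return 1; }
            rm -f -- "$dir/$2"
            ;;
        --list)
            # Full paths, one per line, as in the message's sample output.
            for f in "$dir"/*.desktop; do
                [ ! -f "$f" ] || printf '%s\n' "$f"
            done
            return 0
            ;;
        *)
            echo "usage: register-autostart --add FILE | --del NAME | --list" >&2
            return 64
            ;;
    esac
}

if [ "$#" -gt 0 ]; then register_autostart "$@"; fi
```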