Browser mode for nautilus

David Zeuthen davidz at redhat.com
Mon Oct 27 22:01:24 UTC 2008


On Mon, 2008-10-27 at 15:29 -0600, Stephen John Smoogen wrote:
> My guess is that having priv-sep, passwords, etc are all security
> theatre for the desktop user in this case. I mean if application X
> can't work without me being root then why not be root? If having a
> password slows me down from getting stuff done, why not remove it. For
> this level.. why are we doing anything beyond Windows 98 which seems
> to be the perfect desktop platform.

Don't be silly. We want Fedora to be secure by default. Period. If your
intention really is to run a DAV server at the next Blackhat conference
(where e.g. it will be attacked like crazy), we can confine the used
http process to only read from ~/Public. Thus, even if a malicious
attacker can run code in the httpd process on your box he can only read
~/Public. He might as well not have bothered then because he could get
that content via DAV.

Here's the point. A classic firewall that prevents me from sharing files
via DAV doesn't really add anything if I really want to share files via
DAV. If my OS vendor wants to prevent me from doing that I might as well
find another OS vendor. Maybe one that actually spends energy on fixing
the root problem (making services secure) instead of papering over the
problem (by adding pointless firewalls). 

Ironically enough Red Hat spends a lot of resources thinking about
problems like these and developing technologies like SELinux (for
confining processes) and D-Bus (for privilege separation) to make our
software secure. It's too bad we're not doing a good job of actually
applying this in products like Fedora.

     David





More information about the Fedora-desktop-list mailing list