low-hanging fruit
Nicolas Mailhot
nicolas.mailhot at laposte.net
Wed Aug 22 21:02:44 UTC 2007
Le mercredi 22 août 2007 à 11:47 -0400, Colin Walters a écrit :
> On 8/22/07, Jesse Keating <jkeating at redhat.com> wrote:
> If something popped up to
> install software
>
> What would pop up to install new software?
Helpful apps that want to help you install every pluggin known
(including plugins like flash that require a complete 32bit stack on a
64bit system to run)
> And why would your friend click it?
Because users have a railroad approach to popups (just click yes)
> Wouldn't he or she ask you about it?
Friends don't ask about every popup they click through when they get
guest access (or they don't stay friends long)
> Also remember - you don't need root or a password to install software
> to your computer. You just download something that overwrites your
> ~/.bashrc, puts itself in ~/.config/autostart, or one of many other
> methods. Like firefox extensions.
Firefox extensions are a security plague and a great example why
password-less install is bad in a guest context. I hope with FF3 we can
start packaging the useful subset everyone uses as rpms and de-emphasise
the FF autodowload
--
Nicolas Mailhot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <http://listman.redhat.com/archives/fedora-desktop-list/attachments/20070822/92fb974a/attachment.sig>
More information about the Fedora-desktop-list
mailing list