Desktop apps interoperability
ivg2 at cornell.edu
Mon Mar 28 05:27:31 UTC 2005
On Mon, 2005-03-28 at 00:03 -0500, Ivan Gyurdiev wrote:
> Okay that was an unfinished email - sorry for my stupidity - I was
> editing it and changing things and clicked send by mistake.
> The problem is accurately described (in the first part of the email) and
> what I was getting to - I'm trying to imagine how desktop apps can be
> confined properly in the future (and right now, for that matter). How
> will they interoperate and share data?
> I was thinking of a ~/downloads folder with a shared context, but
> this makes sense for apps that download stuff. In the future if desktop
> apps are confined (say openoffice, abiword) this becomes a more generic
Part of the problem seems to be the way Linux apps treat /home, as the
place for everything. Why are both app. settings and user data stored
in /home as the default location. That's where the problem comes from,
and that seems like a bad idea - the user doesn't care about app
settings and system files - they are not to be edited directly. That's
why they're hidden in the first place.
Now Windows' approach of having "My Documents" and the like is starting
to make a lot of sense (even though I absolutely hate those names).
If app settings were kept separate, in a non-selinux environment you
could export your data files w/out exporting hidden important files like
your gpg keys.
If app settings were kept separate, you could restorecon those settings
to correct contexts. Dwalsh said restorecon skips /home today because
it could accidentaly reveal out-of-place gpg keys, or because it might
be really big. Both those problems would not apply if settings were in a
separate place - you could just restorecon the settings.
Ivan Gyurdiev <ivg2 at cornell.edu>
More information about the fedora-selinux-list