Desktop apps interoperability

Colin Walters walters at redhat.com
Tue Mar 29 15:39:58 UTC 2005


On Tue, 2005-03-29 at 08:54 -0500, Stephen Smalley wrote:
> On Tue, 2005-03-29 at 12:33 +0100, Dale Amon wrote:
> > I will run screaming if someone imports the registry
> > concept into Unix.
> 
> Better start running then.  gconf is already being used as a registry,
> and there is a linux registry aka elektra project as well.

People very often confuse "the registry concept" with a specific
implementation which they may have had a bad experience with in the past
or have heard rumors of other people having a bad experience with.

Having some sort of sane mechanism for locating, managing, and
monitoring preferences is pretty critical to writing desktop
applications.  For example, one thing that GConf provides is
notification of preference changes.  This is a fundamental basis for a
lot of how GNOME's "instant-apply" feature works, e.g. if you change the
theme all apps automatically update.  Doing this kind of thing with
"text files" or whatever is going to be hackish at best.

To bring this discussion somewhat back on topic, Luke is right in that
in order to write a strong SELinux policy for desktop applications, we
really need to have fine-grained separation between user data (i.e.
OpenOffice documents), user preferences, highly sensitive data such as
GPG keys, and random other junk that apps dump in $HOME like error logs.

Also relating to the registry: Once we finish D-BUS, the plan is to make
GConf be a userspace object manager; for example, to allow Mozilla the
ability to read but not write the "http proxy" GConf key, or to disallow
it from reading the WEP keys that NetworkManager currently stores there
(which is wrong, but...).  Having fine-grained labeling on preference
keys is much nicer than granting user_mozilla_t access to user_home_t,
which grants kind of unconstrained read access to everything, and is
better than trying to maintain a text file per key in some hypothetical
"text file registry" just so that we can have individual labels on them.
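The contrast drawn in the last paragraph, as an added example that is not part of the original message and is not GConf or SELinux code: a toy userspace object manager that labels preference keys and default-denies, next to the coarse `user_home_t` grant. All type names except `user_mozilla_t` and `user_home_t`, and all key paths, are assumptions made for illustration.

```python
# Toy model of a userspace object manager for preference keys.
# Constructed for illustration: key paths and the gconf_*_t / network_manager_t
# type names are hypothetical, not taken from any real policy.

# Fine-grained: key subtrees carry their own labels (longest prefix wins).
FINE_CONTEXTS = {
    "/": "gconf_default_t",
    "/system/http_proxy": "gconf_proxy_t",
    "/system/networking/wireless": "gconf_wep_key_t",
    "/apps/mozilla": "gconf_mozilla_t",
}
# (source domain, key type) -> permitted operations; anything absent is denied.
FINE_ALLOW = {
    ("user_mozilla_t", "gconf_proxy_t"): {"read"},
    ("user_mozilla_t", "gconf_mozilla_t"): {"read", "write"},
    ("network_manager_t", "gconf_wep_key_t"): {"read", "write"},
}

# Coarse: every preference is just a file under $HOME with one label.
COARSE_CONTEXTS = {"/": "user_home_t"}
COARSE_ALLOW = {("user_mozilla_t", "user_home_t"): {"read"}}


def label_for(key, contexts):
    """Return the type of the longest labeled prefix, matched per path component
    so that '/system/http_proxy_x' does not inherit '/system/http_proxy'."""
    parts = [p for p in key.split("/") if p]
    for n in range(len(parts), 0, -1):
        prefix = "/" + "/".join(parts[:n])
        if prefix in contexts:
            return contexts[prefix]
    return contexts["/"]


def check(domain, key, perm, contexts=FINE_CONTEXTS, rules=FINE_ALLOW):
    """Decision the object manager makes before serving a request."""
    return perm in rules.get((domain, label_for(key, contexts)), set())


if __name__ == "__main__":
    wep = "/system/networking/wireless/example_net/wep_key"
    for key, perm in [("/system/http_proxy/host", "read"),
                      ("/system/http_proxy/host", "write"),
                      (wep, "read")]:
        fine = check("user_mozilla_t", key, perm)
        coarse = check("user_mozilla_t", key, perm, COARSE_CONTEXTS, COARSE_ALLOW)
        print(f"{perm:5} {key}: fine={fine} coarse={coarse}")
```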






More information about the fedora-selinux-list mailing list