Re: desktop security
Am Friday 07 May 2004 19:54 schrieb Eduard Bloch:
> > - The Desktop should generally equal (show) the $HOME directory btw.
> Parse error... or what is it good for?
Oops, how did I slip that in there.
I believe it is in many cases preferable to have the desktop show the content
of the $HOME directory instead of $HOME/Desktop. In many cases ~/Desktop is
an unecessary differentiation. Using $HOME would generate less confusion,
users get used to their homedir right away and are more likely to keep it
tidy. For KDE try putting
into ~/.kde/share/config/kdeglobals (or /etc/kde3/kdeglobals)
> > Depending on your preferences uncritical things like webbrowser or
> > openoffice etc. can just be used out of the box, running as user "guest".
> > Other things like mail you may prefer running as a separate private id.
> I guess I know what you mean but I do not like it. Too confusing and too
> high risk for potential security holes.
Please elaborate. I would be interested why it would be more confusing/higher
risk then having to create a new user account for (each) guest you have at
home. (without all the things you've set up to work for you before)
This idea was for a "just has to work" scenario *without* throwing system
restrictions out to "ease" things with bad side effects. In a case where
local access to the PC is considered save.
It should just work securely for everyone at your home and if you want to
separate somthing more privately you run the program as or change completely
to a different user id. It is defenitely more secure than just letting
anyone work under the same ID which would probably be the obvious choice for
> The tags do not solve anything on their own (are not precise enough,
> imo), but they could be used as a criterium for user-friendly's
Sure, IIRC the precision isn't considered to be ready, and flexible anyway.
Feedback is needed. Of course someone needs to implement support for debtags
in the dependency resolution.