Hi, On Thursday 11 October 2007 23:43, Herman Robak wrote: > > On Thu, 11 Oct 2007 16:30:31 +0200, RalfGesellensetter <rgx@gmx.de> > >> thanks for your warning reply. I take it quite serious (and actually > >> have been cautious before). However I wonder what difference KLIK does > >> make compared to a > >> > >> apt-get source myfavorite > > I forgot one detail... You just did apt-get source! [...] You can indeed lock down access and permissions very far with SELinux and integrate that nicely with KDEs kiosk mode - the question is, how much freedom do we want to allow, how much should we? And how to remove freedoms for exam situations or similar. So, why do I say "security nightmare" to klik? Because it provides freedom, where it's not needed and posses an uncontrollable risk to every users data: running software from many untrusted sources in your normal work environment (think /home/ with all mails and your work) is really risky. A much better approach to test software is to use virtual machines like virtualbox or qemu. regards, Holger
Attachment:
pgpTaOl5uSwc2.pgp
Description: PGP signature