
[return to "The Linux Security Circus: On GUI isolation"]
1. doki_p+o6 2011-04-24 01:29:07
>>wglb+(OP)
This argument is nonsense. Any program you run can exec other programs and read files from your home directory. You can't simply run any program you feel like running. If it's not a well known and trusted program, then you'll need to look at the source.

Do people run root GUIs as a client? That seems silly to me. I don't have one single GUI program that I run as root unless I'm troubleshooting a permissions issue.

2. recamp+A6 2011-04-24 01:40:35
>>doki_p+o6
I don't think it's nonsense. I'm quite surprised that (say) my calculator app could control my password manager. My password manager encrypts file storage, and automatically locks itself after usage, but is likely vulnerable to this attack.

Even if you trust the programs you run, they can have their own unintended vulnerabilities.
