On Mon, 2007-02-12 at 12:54 -0500, David Zeuthen wrote:
> If you have ideas on how to fix Linux so we can have a better security
> model where this is not possible I'd be happy to hear about it.
Repeating my idea
1. Login manager tags the desktop login process with a random cookie
2. Unprivileged processes cannot read nor write the cookie
3. The cookie is inherited by all child processes
4. Privileged processes, like ConsoleKit daemon, can read the cookie
Again, ConsoleKit is designed in a way so it's possible to change this
over from XDG_SESSION_COOKIE. Someone, probably kernel people, just
needs to implement this. Thanks.
David
--
Fedora-maintainers mailing list
Fedora-maintainers@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers
--
Fedora-maintainers-readonly mailing list
Fedora-maintainers-readonly@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
