On Thu, Mar 03, 2005 at 04:02:57PM -0500, Havoc Pennington wrote: > One problem is that if you can run a GTK app as root (anything > equivalent to setgid) then you can probably hack that app and do bad > stuff, http://gtk.org/setuid.html > So it's probably a requirement in all cases that we split out a backend > that runs as root and have the UI separate. Yes, sounds very sane. Plus, as long as we're using SELinux, that could definitely help here. -- Matthew Miller mattdm@xxxxxxxxxx <http://www.mattdm.org/> Boston University Linux ------> <http://linux.bu.edu/> -- Fedora-desktop-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-desktop-list
