On Fri, Sep 13, 2013 at 10:23 AM, Oron Peled <oron@xxxxxxxxxxxx> wrote: > > On Friday 13 September 2013 01:51:00 drago01 wrote: >> On Fri, Sep 13, 2013 at 1:26 AM, Oron Peled <oron@xxxxxxxxxxxx> wrote: >> > - This means that any privileged service controlled by GUI client (e.g: >> > NetworkManager) is still only as secure as it's controller (e.g: >> > nm-applet). >> This is wrong. That's not how "controlling the service" works. > > Care to explain? Yes. What I meant is nm-applet is not more privileged then any other application in the session. The policy says "the active session is allowed to do foo" not "nm-applet is allowed to do foo". So you can securing the "controller" wont help you much as long as any other app from the active session can be exploited. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
