On Sat, Dec 18, 2004 at 06:07:11AM -0500, Jack Dodds wrote:
> My solution is to create a "non-secure" user called realplay, in a group
> called realplay. This user is treated as hostile, and is not given
> access to any files of any other user.

That's not how UNIX permissions work... realplay may read, write and
execute any files it can see which allow this. For example, a file in
/home/jack with permissions rw-r--r-- can be read, though not written
to, by realplay.

You can limit the files that a user can see by placing it in a chroot'd
environment.

> Does anyone have any suggestions as to how I could more cleanly
> implement the idea of running a potentially "hostile" GTK application
> under its own low-privilege user id? What about the security risk of
> having a window from a "hostile" program running under another user id
> visible on my desktop?

Rather than using an su-alike, you may want to use a sudo-alike.
Permissions can be much finer-grained, controlled by /etc/sudoers.

-dsr-

--
Nothing to sig here, move along.
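
An added illustration of the permission point in the reply above (not part of the original message): a small audit that lists which files in a home directory a separate low-privilege account could read, going by mode bits alone. The function names, the directory tree and the uid/gid are constructed for the example.

```python
import os, shutil, stat, tempfile

def class_bits(st, uid, gids):
    """rwx triplet (0-7) the kernel applies: owner, else group, else other."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def readable_by(root, uid, gids):
    """Regular files under root that uid/gids could open for reading.
    Mode bits only (no ACLs, no uid 0 override); root is assumed reachable."""
    found, stack = [], [root]
    while stack:
        d = stack.pop()
        # No search (x) bit on a directory: nothing below it is reachable.
        # x without r hides the listing, but a known name can still be opened.
        if not class_bits(os.stat(d), uid, gids) & 1:
            continue
        for name in os.listdir(d):
            p = os.path.join(d, name)
            st = os.lstat(p)  # lstat: symlinks are skipped, not followed
            if stat.S_ISDIR(st.st_mode):
                stack.append(p)
            elif stat.S_ISREG(st.st_mode) and class_bits(st, uid, gids) & 4:
                found.append(os.path.relpath(p, root))
    return sorted(found)

def demo():
    """Constructed home directory, audited for a uid/gid that owns nothing."""
    home = tempfile.mkdtemp()
    try:
        layout = {"notes.txt": 0o644, "key.pem": 0o600,
                  "private/diary.txt": 0o644, "public/known.txt": 0o644}
        for rel, mode in layout.items():
            path = os.path.join(home, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w") as f:
                f.write("x")
            os.chmod(path, mode)
        os.chmod(os.path.join(home, "private"), 0o700)  # no access for others
        os.chmod(os.path.join(home, "public"), 0o711)   # search only, no listing
        os.chmod(home, 0o755)
        st = os.stat(home)
        return readable_by(home, st.st_uid + 1, {st.st_gid + 1})
    finally:
        shutil.rmtree(home)
```

Calling `demo()` reports `notes.txt` and `public/known.txt`: the rw-r--r-- file is readable by the other account, while the 0600 file and everything under the 0700 directory are not.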