On Fri 2009-03-27 14:04:32, Bodo Eggert wrote:On Fri, 27 Mar 2009, Pavel Machek wrote:On Fri 2009-03-27 10:28:07, Bodo Eggert wrote:Pavel Machek <pavel@xxxxxx> wrote:
I don't think merging that is good idea. Security should be doable
without making shell-like glob matching...
How do you suppose a security system should handle mozilla modifying
~/.bashrc differently from downloading something to ~/pr0n.jpg?
How does shell-like glob matching help there? You'd need to parse
/etc/passwd to find all ~ directories...
That is, if you'd use HOME=`dd if=/dev/urandom ...`.
If you have your users in /home/user, you can tell /home/*/.*
is bad, /home/*/[^.]* is OK.
On the common systems I know of, homes are spread over different
volumes and different directories. TOMOYO's wildcards do _not_ solve
this particular problems.
How would you exclude mozilla from writing to .* then? ".a" is bad,
".b" is bad ...? or "A" is OK, "a" is OK, "zzzzzzzzzzzzz" is OK"?
Either way, you'd need several universes to store the security profile.
What is magic about .* files? I want mozilla to store the pictures as
.naughty.picture.jpg -- I don't see anything wrong with that.