discuss-gnustep

Re: New method to load user bundles


From: Tobias
Subject: Re: New method to load user bundles
Date: Mon, 2 Jun 2003 22:54:03 +0200
User-agent: KMail/1.5.1

jeff wrote:
> This isn't security-related attention.
>
> Everybody knows that if you load bundles, you are giving away the keys to
> the castle -- that's why you don't load them in certain apps, and would
> have to be a damn fool to do so.

but you don't have any keys anymore. just because we allow LD_PRELOAD and 
LD_LIBRARY_PATH.
you can replace your whole everything with those environment variables.
LD_* is even more powerful, because it is enabled on ALL (non suid) tools/apps 
you open. is this a major security hole?
i think not. 


> This takes that decision away from authors. With GSAppKitUserBundles, you
> have no choice. 

which you don't have anyway... (i assume you don't want to statically link 
your app)

> You have no way to "secure" any application from
> modification, because the user can rewrite your application. No copy
> protection, because it can be bypassed with bundles. It effectively
> eliminates the possibility for closed-source GNUstep desktop software to
> exist.

why? just because you can easily reverse-engineer?
you can do this w/o bundles with the same ease. so where is the problem?

> But hey, if you want that, go ahead. I thought some of you wanted more
> support, though.

we all may have different ideas about themes (i don't like them), but there 
are people that want eye-candy, so it is unwise to lose those users.

a different group than you meant, but equally (if not more) important than 
commercial software vendors.


this is not meant to be offensive. these are important details.
too important to ignore. for special purpose computers (say in an internet 
cafe) there is the need to disable LD_* and automatic bundle loading.
so a compile time flag should be enough.

~ibotty
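
Added example, not part of the original message or of GNUstep: one way a locked-down machine such as the internet-cafe case above could keep LD_* variables away from applications is a small launcher that execs the real program with a scrubbed environment. The function names and the launcher itself are hypothetical, and it assumes the launcher is started from a trusted session, since its own process has already been loaded under whatever environment it inherited.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

extern char **environ;

/* True if an environment entry ("NAME=value") is a dynamic-linker control
 * variable, i.e. its name starts with "LD_" (LD_PRELOAD, LD_LIBRARY_PATH,
 * LD_AUDIT, ...). A name such as OLD_VAR does not match. */
int is_ld_var(const char *entry)
{
    return strncmp(entry, "LD_", 3) == 0;
}

/* Build a new NULL-terminated environment without any LD_* entry.
 * The array borrows its strings from envp; free() only the array.
 * *dropped receives the number of entries removed. */
char **scrub_ld_env(char *const envp[], size_t *dropped)
{
    size_t n = 0, kept = 0;
    while (envp[n] != NULL)
        n++;
    char **clean = calloc(n + 1, sizeof *clean);
    if (clean == NULL)
        return NULL;
    *dropped = 0;
    for (size_t i = 0; i < n; i++) {
        if (is_ld_var(envp[i]))
            (*dropped)++;
        else
            clean[kept++] = envp[i];
    }
    clean[kept] = NULL;
    return clean;
}

/* Usage: launcher /path/to/app [args...] */
int main(int argc, char *argv[])
{
    size_t dropped;
    if (argc < 2)
        return 2;
    char **clean = scrub_ld_env(environ, &dropped);
    if (clean == NULL)
        return 1;
    if (dropped > 0)
        fprintf(stderr, "launcher: removed %zu LD_* variable(s)\n", dropped);
    execve(argv[1], &argv[1], clean);   /* returns only on failure */
    perror("execve");
    return 127;
}
```

Building a fresh array and passing it to execve avoids editing environ in place while iterating over it; the scrub protects only the child process, not the launcher.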
