[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Plash] Plash Package System's 'Pet-id'
|
From: |
James W. Ascroft-Leigh |
|
Subject: |
Re: [Plash] Plash Package System's 'Pet-id' |
|
Date: |
Wed, 30 Apr 2008 21:41:29 +0100 |
Toby,
> Is there a more long-term reason for why the Pet-id needs to be
> explicitly supplied by the user that isn't evident in the current
> code?
There is a good reason why the Pet-id needs to be explicitly supplied by
the user. Pet names are a computer security mechanism that is documented
at [1]. Essentially, asking the user to supply the name ensures that
the user knows that the icon they are clicking is for the programme they
just gave the pet name to. If I have just installed a programme and
called it "browse-the-web" then I know that the "browse-the-web" button
that gets created in my applications menu is the correct command. If I
have named all of the commands in my application menu myself then I know
that some nasty programme has not installed itself as "browse_the_web"
to try and confuse me.
To be properly secure pet names plash needs to ensure that they are
placed into a namespace that contains only other pet names. This is
probably why plash didn't put the .desktop file on my desktop last time
I tried. If it did then I might have made a mistake because, for
instance, my browser uses my desktop as the default download location
and uses the server-suggested file name. An enemy of mine could use
these defaults to create a file called "browse-the-web.desktop" which I
might accidentally click.
Regards,
James
[1] http://www.skyhunter.com/marcs/petnames/IntroPetNames.html
signature.asc
Description: This is a digitally signed message part