Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 16 Jul 2008 23:24:28 -0700 (PDT)
From:      Jason Stone <freebsd-security@dfmm.org>
To:        Matt Reimer <mattjreimer@gmail.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: A new kind of security needed
Message-ID:  <alpine.BSF.1.00.0807162303490.34772@treehorn.dfmm.org>
In-Reply-To: <f383264b0807161710m285ed915m8ea9d088fbe83df9@mail.gmail.com>
References:  <f383264b0807161710m285ed915m8ea9d088fbe83df9@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


> Is anyone else nervous trusting all his programs to have access to all 
> his files? Is there already a reasonable solution to this problem?
>
> It makes me nervous for, say, Firefox and its plugins to be able to read 
> and write every file I own, whether it's gnucash, ~/.ssh, or other 
> sensitive files.

Absolutely.  Right now, I use different logins for different things 
(casual web surfing, financial stuff, snd work), but it's inconvenient and 
far from fullproof.

Capabilities or MAC systems could be used here -- someone just has to put 
in the work to make it happen.


  -Jason

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)
Comment: See https://private.idealab.com/public/jason/jason.gpg

iD8DBQFIfuWdswXMWWtptckRAui7AJoDPimy9czlyCRbPcDMTK0XzZ9GIgCg2u0z
CQweJjrVQz2fV3xNH5ML50M=
=G2pt
-----END PGP SIGNATURE-----



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.1.00.0807162303490.34772>