Re: [Plash] Plash Package System's 'Pet-id'

From: James W. Ascroft-Leigh
Subject: Re: [Plash] Plash Package System's 'Pet-id'
Date: Wed, 30 Apr 2008 21:41:29 +0100


> Is there a more long-term reason for why the Pet-id needs to be
> explicitly supplied by the user that isn't evident in the current  
> code?

There is a good reason why the Pet-id needs to be explicitly supplied by
the user. Pet names are a computer security mechanism that is documented
at [1].  Essentially, asking the user to supply the name ensures that
the user knows that the icon they are clicking is for the programme they
just gave the pet name to.  If I have just installed a programme and
called it "browse-the-web" then I know that the "browse-the-web" button
that gets created in my applications menu is the correct command.  If I
have named all of the commands in my application menu myself then I know
that some nasty programme has not installed itself as "browse_the_web"
to try and confuse me.

To be properly secure pet names, plash needs to ensure that they are
placed into a namespace that contains only other pet names.  This is
probably why plash didn't put the .desktop file on my desktop last time
I tried.  If it did then I might have made a mistake because, for
instance, my browser uses my desktop as the default download location
and uses the server-suggested file name.  An enemy of mine could use
these defaults to create a file called "browse-the-web.desktop" which I
might accidentally click.




Attachment: signature.asc
Description: This is a digitally signed message part
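
The namespace rule described in the message above, as an added sketch that is not part of the original message and is not Plash's own code: launchers are created only under names the user typed, and anything else found in the launcher directory is reported. `PetNameStore`, `skeleton`, the index file and all paths are hypothetical, and the look-alike check goes slightly beyond what the message describes.

```python
import os
import tempfile
import unicodedata

def skeleton(name):
    """Comparison key under which look-alike names collide (constructed rule)."""
    folded = unicodedata.normalize("NFKC", name).casefold()
    return "".join(ch for ch in folded if ch.isalnum())

class PetNameStore:
    """Hypothetical launcher directory meant to hold only user-chosen pet names."""
    def __init__(self, launcher_dir, index_path):
        self.launcher_dir = launcher_dir  # the pet-name-only namespace
        self.index_path = index_path      # names the user typed, kept outside it
        open(index_path, "a").close()

    def known(self):
        with open(self.index_path, encoding="utf-8") as fh:
            return fh.read().splitlines()

    def clash(self, pet_name):
        """Existing pet name that pet_name could be mistaken for, or None."""
        return next((n for n in self.known() if skeleton(n) == skeleton(pet_name)), None)

    def assign(self, pet_name, command):
        """Create a launcher under the name the user supplied."""
        if not skeleton(pet_name) or "/" in pet_name or "\n" in pet_name + command:
            raise ValueError("invalid pet name or command")
        if self.clash(pet_name):
            raise ValueError(f"{pet_name!r} is too close to {self.clash(pet_name)!r}")
        path = os.path.join(self.launcher_dir, pet_name + ".desktop")
        with open(path, "x", encoding="utf-8") as fh:  # "x": never overwrite a file
            fh.write(f"[Desktop Entry]\nType=Application\nName={pet_name}\nExec={command}\n")
        with open(self.index_path, "a", encoding="utf-8") as fh:
            fh.write(pet_name + "\n")

    def foreign_entries(self):
        """Files in the namespace that the user never named."""
        allowed = {name + ".desktop" for name in self.known()}
        return sorted(set(os.listdir(self.launcher_dir)) - allowed)

def demo():
    with tempfile.TemporaryDirectory() as launchers, tempfile.TemporaryDirectory() as state:
        store = PetNameStore(launchers, os.path.join(state, "petnames.txt"))
        store.assign("browse-the-web", "/usr/bin/example-browser")
        # Constructed: a file some other program dropped into the namespace.
        open(os.path.join(launchers, "browse_the_web.desktop"), "w").close()
        return store.clash("browse_the_web"), store.foreign_entries()
```

The audit is only meaningful when nothing but the store writes to the launcher directory, which is why a download folder or the desktop makes a poor home for it.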