plasma security constraints

Aaron J. Seigo aseigo at
Sun Jul 13 22:06:56 CEST 2008

On Sunday 13 July 2008, Chani wrote:
> On July 13, 2008 10:34:19 Aaron J. Seigo wrote:
> > On Friday 11 July 2008, Chani wrote:
> > > *launching external programs: this isn't entirely about security - if
> > > the screensaver is running, those external programs will be trapped
> > > below it, so that makes them rather useless. it's nice to let applets
> > > know, so that they can just not bother trying.
> >
> > we'll also want this for certain lock down scenarios, such as untrustred
> > downloaded scripts ...
> >
> > > *running arbitrary commands: we have a plasmoid that allows you to just
> > > type in a command and run it. I don't think I have to explain why
> > > that's dangerous. :)
> >
> > how is this differentiated from "launching external programs"? is there a
> > situation where it would be Ok to launch arbitrary UI apps but not system
> > commands?
> well, they're not necessarily arbitrary - most existing cases just launch
> konq - but since you can get from konq to anywhere you like, maybe that
> doesn't matter.
> I do wonder if there could be a case where system commands would be ok, but
> external apps wouldn't. a system with really bad window management
> perhaps? ;) that does seem very unlikely... unless someone persuades me to
> give users the ability to turn off the "no system commands" constraint on
> the screensaver.
>, very unlikely, but I'm not sure it'd never ever happen.
> > > *desktoppy stuff: application launchers, taskbars, systray, pager,
> > > etc... these only belong on a desktop, not the screensaver or anywhere
> > > else. they tend to assume we have a windowmanager, plasma-the-desktop,
> > > and all the usual stuff available. application-launchers also fall
> > > under the heading of "launching external programs". I need a better
> > > name for this category, though. :)
> >
> > you can probably filter on the applet category here; Windows and Tasks,
> > Application Launchers.
> in that case, the categories would have to actually be enforced.
> right now the trash applet is in "file system" 

which is the right place for it

> (along with useful things
> like calendar),

calendar is in file system?!

> quicklaunch is in misc (although those two can be filtered
> out by security), 

quicklaunch should be in Application Launchers

> lock/logout is in "system information", 

wrong category

> so is the device notifier,

this one is correct.

> and paste is in utilities. 


> also, the notify applet is in "windows
> and tasks",

notify does not belong in "windows and tasks"

Aaron J. Seigo
humru othro a kohnu se
GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA  EE75 D6B7 2EB1 A7F1 DB43

KDE core developer sponsored by Trolltech

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
Url : 

More information about the Panel-devel mailing list