On Mon, 11 Feb 2019 20:42:09 +0100, Jan Engelhardt wrote:
On Monday 2019-02-11 20:25, Jim Henderson wrote:
Maybe we should ship with Xorg permissions open to the world. Because if I'm running an application remotely from another system, having to type 'xhost +' or to enable permissions is "too hard".
Tech note:
Most people should be running an SSO-style solution. ssh, su, etc. forward appropriate key material through environment variables and the like just by logging in, making the use of xhost wholly unnecessary.
Too inconvenient, according to some. After all, if you're using ssh with public keys
ssh does not hard-require keypairs.
Well, yeah, then you have to use a password. That's too difficult and inconvenient. (still being sarcastic here) My point is that the mindset being exhibited here is "let's sacrifice security for ease-of-use", and that is an unhelpful mindset. Don't blacklist these filesystem modules because it's too inconvenient for a minority of users, and we can't inconvenience a minority of users to improve security for everyone. So let's just dump all the security features that inconvenience some small portion of our userbase, because that's the path *some* people want to take here. Security requires that people learn a few things, and some people think "we can't have that". So let's use "insecure by design" as our default security stance. That's the only way to maximize convenience for everyone. Liam says people are too stupid to figure something like this out, and that it's better to cater to their stupidity rather than to expect more from our users. So let's take that to its logical (and absurd) extreme and see how that plays out. Just to be clear, I'm not actually advocating for this. I want my systems secure by design, and if someone wants to load something that potentially compromises their system, then they can do the research on how to enable those features. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org