[opensuse-factory] For those concerned about security in KDE, please vote for openfate#312876
Not about the software, but still a significant security issue:
https://features.opensuse.org/312876
(might apply to other window managers too, but we only use KDE).

--
Per Jessen, Zürich (11.3°C)

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 25/10/2011 15:41, Per Jessen wrote:
> Not about the software, but still a significant security issue:
> https://features.opensuse.org/312876
> (might apply to other window managers too, but we only use KDE).

Given the present -13 score, it doesn't seem to be popular. I don't see it as good as a default either.

jdd
--
http://www.dodin.net
http://pizzanetti.fr
jdd wrote:
> On 25/10/2011 15:41, Per Jessen wrote:
>> Not about the software, but still a significant security issue:
>> https://features.opensuse.org/312876
>> (might apply to other window managers too, but we only use KDE).
> Given the present -13 score, it doesn't seem to be popular.

Haha, I guess we can conclude that no one is worried about security ...

--
Per Jessen, Zürich (10.6°C)
On Tue, Oct 25, 2011 at 17:52, Per Jessen
>> On 25/10/2011 15:41, Per Jessen wrote:
>>> Not about the software, but still a significant security issue:
>>> https://features.opensuse.org/312876
>>> (might apply to other window managers too, but we only use KDE).
>> Given the present -13 score, it doesn't seem to be popular.
> Haha, I guess we can conclude that no one is worried about security ...

I don't think it's so much that no one is worried about security... it's more like we're thinking about general usability. The proposal is a reasonable one in the use-case you presented, but... in a more broad sense, it would be more of an annoyance to the larger population of users. The risk is negligible.

C.
C wrote:
> On Tue, Oct 25, 2011 at 17:52, Per Jessen wrote:
>>> On 25/10/2011 15:41, Per Jessen wrote:
>>>> Not about the software, but still a significant security issue:
>>>> https://features.opensuse.org/312876
>>>> (might apply to other window managers too, but we only use KDE).
>>> Given the present -13 score, it doesn't seem to be popular.
>> Haha, I guess we can conclude that no one is worried about security ...
> I don't think it's so much that no one is worried about security... it's more like we're thinking about general usability. The proposal is a reasonable one in the use-case you presented, but... in a more broad sense, it would be more of an annoyance to the larger population of users. The risk is negligible.

Maybe it is, but that didn't stop us installing apparmor by default (for instance). If you ask a security expert, he or she will tell you social engineering is in fact the biggest security risk in most places.
http://en.wikipedia.org/wiki/Social_engineering_%28security%29

Regardless, I was pointed to the Kiosk tool, which looks somewhat promising. Only somewhat because there seem to be some doubts about whether it works in KDE4.

--
Per Jessen, Zürich (10.1°C)
On Tue, Oct 25, 2011 at 7:04 PM, Per Jessen
> C wrote:
>> On Tue, Oct 25, 2011 at 17:52, Per Jessen wrote:
>>>> On 25/10/2011 15:41, Per Jessen wrote:
>>>>> Not about the software, but still a significant security issue:
>>>>> https://features.opensuse.org/312876
>>>>> (might apply to other window managers too, but we only use KDE).
>>>> Given the present -13 score, it doesn't seem to be popular.
>>> Haha, I guess we can conclude that no one is worried about security ...
>> I don't think it's so much that no one is worried about security... it's more like we're thinking about general usability. The proposal is a reasonable one in the use-case you presented, but... in a more broad sense, it would be more of an annoyance to the larger population of users. The risk is negligible.
> Maybe it is, but that didn't stop us installing apparmor by default (for instance). If you ask a security expert, he or she will tell you social engineering is in fact the biggest security risk in most places. http://en.wikipedia.org/wiki/Social_engineering_%28security%29
> Regardless, I was pointed to the Kiosk tool, which looks somewhat promising. Only somewhat because there seem to be some doubts about whether it works in KDE4.

Kiosk is used for locking down stuff like this, kiosktool is a GUI which can control kiosk.

Kiosk should work fine for this purpose, you just need to manually set up rules for screensavers. These rules are supposed to work for KDE 3, you should be able to adapt them for KDE 4 by finding the proper configuration entry:
http://lists.kde.org/?l=kde-kiosk&m=112142810808206

See here for general instructions:
http://techbase.kde.org/KDE_System_Administration/Kiosk/Introduction

I don't know the state of kiosktool, but kiosktool is merely a GUI to make it easier to configure kiosk. You don't need to use kiosktool to run kiosk. If you have more questions about kiosk you should probably ask on that mailing list.

-Todd
todd rme wrote:
> On Tue, Oct 25, 2011 at 7:04 PM, Per Jessen wrote:
>> Regardless, I was pointed to the Kiosk tool, which looks somewhat promising. Only somewhat because there seem to be some doubts about whether it works in KDE4.
> Kiosk is used for locking down stuff like this, kiosktool is a GUI which can control kiosk.

But do I get them both by installing kiosktool or is kiosk installed by default? I searched on 'kiosk' with yast and only found kiosktool.

> Kiosk should work fine for this purpose, you just need to manually set up rules for screensavers. These rules are supposed to work for KDE 3, you should be able to adapt them for KDE 4 by finding the proper configuration entry:
> http://lists.kde.org/?l=kde-kiosk&m=112142810808206
> See here for general instructions:
> http://techbase.kde.org/KDE_System_Administration/Kiosk/Introduction
> I don't know the state of kiosktool, but kiosktool is merely a GUI to make it easier to configure kiosk. You don't need to use kiosktool to run kiosk. If you have more questions about kiosk you should probably ask on that mailing list.

Thanks, and thanks again for mentioning it, I really had no idea it existed.

--
Per Jessen, Zürich (8.2°C)
On 25/10/2011 17:52, Per Jessen wrote:
> Haha, I guess we can conclude that no one is worried about security ...

I'm very concerned by the default "log without passwd" install, but was abruptly sent out when asking why this was set up. But I think users can set up their own session if they want to (and I can disable this if I want for other users).

jdd
--
http://www.dodin.net
http://pizzanetti.fr
On Tuesday 25 October 2011, jdd wrote:
> On 25/10/2011 17:52, Per Jessen wrote:
>> Haha, I guess we can conclude that no one is worried about security ...
> I'm very concerned by the default "log without passwd" install, but was abruptly sent out when asking why this was set up.

Hehe, that'd be real fun. Automatic login without password per default but then have to type password each 15 seconds while trying to watch a video. (Remember, only root should be able to disable screen saver but not user's video player which would be a security hole!)

cu,
Rudi
participants (5): C, jdd, Per Jessen, Ruediger Meier, todd rme