[OLPC Security] Transparent security by user interactions
Timo Sirainen
tss at iki.fi
Sat Oct 7 15:04:42 EDT 2006
I just read from Washington Post about OLTP not needing an anti-virus
software because of its design. I couldn't find any specifics about
this, so I thought I'd at least mention my similar sounding idea from a
couple of years back if someone's still interested.
http://iki.fi/tss/security/os.html
Basically its idea is to make access to "shared files", "network" and
possibly other things controlled by specific processes which grant
access to others. "Shared file" means any file that a user has saved, as
opposed to a private data file that a program uses only internally.
Other processes would typically get access to these services by sending
them requests such as "ask the user to open a file", which would open a
"file open" dialog (running from the privileged shared files process),
and after the user has selected a file the originating process would be
given access to it.
The main idea is that by default programs can't do anything dangerous,
and the user transparently gives them access to do their needed work as
part of the user interface.
Maybe you had a similar idea. I'd hope at least that someone implements
a desktop environment working like that some day.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mailman.laptop.org/pipermail/security/attachments/20061007/5e4aee24/attachment.bin
More information about the Security
mailing list