A new kind of security needed
chris at noncombatant.org
Sat Aug 2 19:17:22 UTC 2008
On Jul 28, 2008, at 12:28 PM, Matt Reimer wrote:
> My idea was to basically have a secure file picker that grants the app
> (e.g. Firefox) access to the file, in a way that would be transparent
> to the user. For example, when Firefox wants to save a PDF it displays
> the file picker as usual and the file is saved. Underneath what's
> happening is that Firefox talks to the trusted system filepicker via a
> socket, and depending on the user's input it grants access to the
> file, whether temporarily or permanently.
How can the trusted system filepicker know that it is receiving
messages from the true Firefox filepicker, and in response to true
user gestures? (Basically, it can't.) Microsoft had to deal with this
problem; see e.g. http://en.wikipedia.org/wiki/User_Account_Control.
More information about the freebsd-security