Announcement

Collapse
No announcement yet.

Mir Gains Support For "Trusted Prompt Sessions"

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Mir Gains Support For "Trusted Prompt Sessions"

    Phoronix: Mir Gains Support For "Trusted Prompt Sessions"

    The latest addition to Mir is spport for trusted prompt sessions, a new Ubuntu security feature...

    http://www.phoronix.com/vr.php?view=MTcyMTg

  • #2
    Ctrl+Alt+Del

    How about secure login with ctrl+alt+del?

    Comment


    • #3
      Can anyone explain what this actually means for the end-user?

      Comment


      • #4
        Originally posted by Britoid View Post
        Can anyone explain what this actually means for the end-user?
        If I understand it correctly then it means applications that require superuser privileges can request them and up comes an unspoofable/trusted always-on-top dialog/window that asks you for your password.

        Comment


        • #5
          Originally posted by uid313 View Post
          If I understand it correctly then it means applications that require superuser privileges can request them and up comes an unspoofable/trusted always-on-top dialog/window that asks you for your password.
          So they are making Ubuntu even more like Windows

          Comment


          • #6
            Originally posted by Attentäter View Post
            So they are making Ubuntu even more like Windows
            No, Unix had sudo since 80s long before Windows has UAC.
            And this is basically a graphical implementation of sudo, just like the existing gksudo in Linux.

            So this is more like an improved version of gksudo with better security.

            Comment


            • #7
              Originally posted by Britoid View Post
              Can anyone explain what this actually means for the end-user?
              It is a small part of a larger scenario so the direct effect on the end user is limited.

              Suppose you're using a weather application which needs (or at least requests) your location service.

              Trusted Prompt Sessions are the way that "can this program access your location?", "activate location services?" prompt(s) are identified to the shell as associated with the originating application. (They can then be incorporated into a meaningful display - made app modal, overlaid, etc.)

              Comment


              • #8
                Originally posted by AlanGriffiths View Post
                It is a small part of a larger scenario so the direct effect on the end user is limited.

                Suppose you're using a weather application which needs (or at least requests) your location service.

                Trusted Prompt Sessions are the way that "can this program access your location?", "activate location services?" prompt(s) are identified to the shell as associated with the originating application. (They can then be incorporated into a meaningful display - made app modal, overlaid, etc.)
                Now that makes sense.

                Basically Canonical want a permission system similar to OS X. The current gksudo,gksu interfaces are very easy to fake.

                Comment


                • #9
                  Originally posted by Britoid View Post
                  Now that makes sense.

                  Basically Canonical want a permission system similar to OS X. The current gksudo,gksu interfaces are very easy to fake.
                  See this for more information http://developer.ubuntu.com/publish/...lick-packages/

                  Comment


                  • #10
                    Originally posted by Britoid View Post
                    Now that makes sense.

                    Basically Canonical want a permission system similar to OS X. The current gksudo,gksu interfaces are very easy to fake.
                    How is sudo easy to fake??? can you elaborate on that?

                    Anyway they are implementing something similar to android permissions system since they are now going to support 1 click applications.

                    Comment


                    • #11
                      Originally posted by Attentäter View Post
                      So they are making Ubuntu even more like Windows
                      In the sense that Windows has a mechanism for creating un-fakeable authentication prompts, yes. But that's not a bad thing... it's a valuable feature, something that needs to be implemented at the compositor layer (or thereabouts) to be effective.

                      Comment


                      • #12
                        Originally posted by TheOne View Post
                        How is sudo easy to fake??? can you elaborate on that?
                        You pop up a dialog that mimics the official one in order to get the user to enter his or her password.

                        But this is really nothing that special, kwin has had something like this pretty much since they first implemented compositing. There were some issues with xorg making it hard to properly authenticate windows, but this is apparently addressed with Wayland.

                        Comment


                        • #13
                          Originally posted by uid313 View Post
                          How about secure login with ctrl+alt+del?
                          http://www.theverge.com/2013/9/26/47...-was-a-mistake

                          Comment

                          Working...
                          X