On 08/25/2013 04:26 PM, Patrick Ohly wrote:
On Tue, 2013-08-13 at 08:18 +0000, Laako, Jussi wrote:
>> Which is not a normal Linux desktop, is it?
> Isn't it? At least it's like openSUSE or Ubuntu. Only Windows users
> tend to use their computer as admin.
> As long as you 1) use SMACK/SELinux/AppArmor correctly configured
> and/or 2) run gsignond as some other user id both the API access and
> the database are protected.
That's the key point: is any Linux desktop set up to protect the signon
database like that? I don't doubt that it is doable, I'm just wondering
whether it is done.
Not yet, but we are making good progress in Ubuntu towards this goal. I
hope it lands on the desktop on the 14.04 release (next April).