On Mon, 2013-08-12 at 12:32 +0000, Laako, Jussi wrote:
> I get that. But I was running on a normal Linux desktop, where
> control via executable path doesn't really gain much in terms of
> security, does it?
It works pretty well, as long as system is installed through signed
packages and user doesn't have root privileges.
Which is not a normal Linux desktop, is it?
But you have wild cards if you prefer to give world-access. But
generally I dislike idea of random applications being able to access
my Google password, because it is used for example to authorize credit
card purcheses in Play store and in AdWords...
I agree, handing out the password to any app would be bad. But that's
not the case in this particular scenario (OAuth2 login into a very
specific set of services), it is? In this case, all that the extra apps
could get access to is the calendar or contact data - which is already
available locally without protection, if the user is running
SyncEvolution to sync said data.
Best Regards, Patrick Ohly
The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.