[maemo-users] [maemo-users] Re: Bricked a third time

From: Aniello Del Sorbo anidel at gmail.com
Date: Tue Feb 13 18:38:59 EET 2007
Frantisek Dufka wrote:
> Aniello Del Sorbo wrote:
>> Yes, and the Application Manager (by looking at the packages flags 
>> somehow) could tell if this is a system app (and thus ask the User to 
>> enter somekind of passphrase) or a user app (thus installing it with 
>> no hassle). Asking the User for a kind of passphrase will give 
>> Application Manager root privileges and thus dpkg could be ran as root 
>> and those apps would install as usual and do their (good) job.
> And how is this different from the current warning about non Nokia 
> application? I simply fail to see any additional security.
Because people don't usually read warnings and tap OK too fast.
Entering a passphrase makes them think.
If a package is not labeled as a system one, it can be installed without 
even the warning (as it would be installed as 'user').

Again, I am not saying that with that system you are safe.
There's no way to be safe.
I am only saying that that system makes it a bit harder to brick the 
device, but my whole point at the beginning was to only tell people that 
dpkg does not require root privileges.

The discussion went on and I throwed away this idea that, a part from 
giving a slight (let's call it) safer installation system, COULD give 
the chanche of installing apps on the memory card (and this is totally 
unrelated with the security issue).
At almost NO additional cost.

> So you basically want another similar dialog telling you this package 
> (dropbear) can really mess your system?


PS: I think we can stop the discussion here :)

More information about the maemo-users mailing list