Comment 453 for bug 332945

2009/11/17 Leandro <email address hidden>:
>
> Also, can you imagine the security absurd for a
> unexperienced user which gets used to the system
> popuping something AND asking for root privileges?
> How easy is to mimic that with a website popup?
>

That is a major point. If there anyone can mimic the pop-up behavior
using a website maybe, and I mean just maybe, we can get the
developers attention on this possible security role. However it would
need to be done very carefully so that the developers can not counter
argument (I have the feeling that I have already something on this
subject in Ayatana list, but it didn't catch up). If we had a web site
that could mimic the behavior so that a innocent user might give away
his root password then we may have a real situation to complain once
again.

Unfortunately I don't have the resources (knowledge and time) to try
to do it myself.

Paulo
--
Paulo José da Silva e Silva
Professor Associado, Dep. de Ciência da Computação
(Associate Professor, Computer Science Dept.)
Universidade de São Paulo - Brazil

e-mail: <email address hidden> Web: http://www.ime.usp.br/~pjssilva