Spooks dig GConf

At the recent SE Linux Symposium, James Carter of the NSA spoke about using GConf as a user space object manager. The paper covers the application of Flask principles (and SE Linux in particular) to user configuration, and is well worth reading, even if you’re not astronautically familiar with SE Linux itself. Definitely recommended for GNOME folks interested in deep desktop security issues.

Executive summary: Even the NSA want us to merge the gconf-dbus branch! Let’s get this done before they do it behind our backs. 😉

NSA describe GConf
The NSA knows how GConf works.

Update: The links to the presentation and full paper were not obvious enough as a caption to the slide. 🙂

This entry was posted in Uncategorized and tagged , , , . Bookmark the permalink.

5 Responses to Spooks dig GConf

  1. Have you watched the movie “The Human Stain”? http://en.wikipedia.org/wiki/The_Human_Stain

    Not sure how you meant ‘spooks’, but sometimes you have to be a bit aware of racial sensitivities around these things!

  2. jdub says:

    Jonathan, “Spooks” is a modern colloquialism for “spies”, certainly much more recognisable in current language than its use as a racial slur. It’s even the title of a pretty good BBC series.

  3. pvanhoof says:

    The last time I looked at the gconf-dbus branch, it was not done how it should be. In stead of leveraging the features what DBUS was created for, it used DBUS exactly like how you would do GConf in ORBit-2 (so it’s or was a one on one port).

    Since DBUS is actually slower than ORBit-2, this will do no good nor will it solve any of GConf’s problems other than wanting to fix a no-problem (not wanting to depend on ORBit-2 for religious reasoning, which I don’t consider to be useful).

    It would be far better to listen to what OpenOffice.Org, Mozilla, KDE’s KConfig and GNOME have to say about configuration storing. Out of those stories make a DBUS specification and a prototype implementation. And after that specification is agreed and done, let competing parties implementing competing implementations.

    And after that. Once those competing implementations start being used, let the best survive.

    I once started such a specification under the name “deconf-spec”. You can still find it here:
    https://svn.cronos.be/svn/deconf/deconf-spec/trunk/src/index.xhtml

  4. Philip says:

    I bet the NSA have already merged it. In fact, they’re probably already running Gnome 3.0 before gnome have even designed it. I bet they even have a little gdesklet applet that streams info about who’s emailing whom about blowing up the USA.

  5. Sitsofe says:

    Here’s a link to the paper (I couldn’t see it in your original post) http://selinux-symposium.org/2007/papers/04-gconf.pdf

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments will be sent to the moderation queue.