[Meego-security-discussion] Backing up (was: MeeGo Security Goals)
Bernd Stramm
bernd.stramm at gmail.com
Sat Apr 16 13:19:21 PDT 2011
On Sat, 16 Apr 2011 22:00:16 +0200
Rene Mayrhofer <rene.mayrhofer at fh-hagenberg.at> wrote:
> On 15.04.2011 20:32, Andy Ross wrote:
> > Can we maybe agree on the threat model first? Maybe talk about the
> > required behavior limitations in the absence of a flame war over
> > different MAC technologies, etc...? I sort of figured that everyone
> > agreed on this, but now I'm not so sure any more.
> Yes, let's please define the thread model first (and sorry for adding
> my share of speculation concerning specific technologies, which was
> not my intention at this point) ...
By all means, let's say what al this should protect against.
> > 5. Fine-grained network access limitation. Facebook app can only
> > talk to facebook, etc... Seems like a sane requirement, but I
> > don't think anyone does this currently. Do we want it? How would
> > it work?
> I would clearly vote for a yes here - it should be possible to limit
> access to specific network resources.
I don't think so. This would mean a user can't install, for example, a
3rd party browser. Or any other general purpose network application.
Bernd
--
Bernd Stramm
bernd.stramm at gmail.com
More information about the MeeGo-security-discussion
mailing list