Ways to eliminate gksu and policykit authentication spoofing
Registered by
Marc Deslauriers
Users need to type in their password to perform certain administrative functions. The gksu and policykit authentication boxes can easily be spoofed. This session would investigate the possibility of adding personal information to the dialog boxes to decrease their chances of being spoofed. One idea would be to simply display the user's About Me picture in the dialog.
Blueprint information
- Status:
- Not started
- Approver:
- Kees Cook
- Priority:
- Low
- Drafter:
- Marc Deslauriers
- Direction:
- Needs approval
- Assignee:
- Marc Deslauriers
- Definition:
- Approved
- Series goal:
- Accepted for maverick
- Implementation:
- Not started
- Milestone target:
- ubuntu-10.10
- Started by
- Completed by
Whiteboard
Work items:
add random aboutme picture selection at user creation: POSTPONED
add aboutme picture to policykit dialog box: POSTPONED
add aboutme picture to gksu dialog box: POSTPONED
2012-07-15: This idea was saved from the memory hole and included in <https:/
(?)