- Timestamp: Jul 7, 2015, 4:36:08 PM (9 years ago)
- Author: mmcco
- Comment: initial privilege separation
v43
|
v44
|
|
148 | 148 | |
149 | 149 | I still hope that RTT gets added to Pidgin, but it may not make it for the 3.0 release. If you're interested in working on it, let me know and I'll be happy to help. |
| 150 | |
| 151 | |
| 152 | == Privilege separation == |
| 153 | |
| 154 | Privilege separation is one of the easiest ways to improve Pidgin's security. |
| 155 | |
| 156 | Generally, there are only two types of file access for Pidgin/libpurple: |
| 157 | * access to libpurple-specific files in `~/.purple/` |
| 158 | * access to files in arbitrary locations for file transfers |
| 159 | |
| 160 | This makes the solution pretty clear: have a process for Pidgin's core that's chrooted to `~/.purple/` and a file transfer helper process with arbitrary file access. |
| 161 | |
| 162 | Later, additional daemons could be added for things like logging and chrooted to subdirectories of `~/.purple/`. This would further protect user credentials and OTR keys. |
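Review bot: The chroot proposal at new line 160 does not say how the core process gets the privilege to call chroot(2), which requires root (CAP_SYS_CHROOT on Linux), while Pidgin normally runs as an ordinary user; the text should name the intended mechanism, for example a privileged parent that chroots and then drops privileges. The statement at line 156 that there are "only two types of file access" would also benefit from a qualifier, because a core process confined to `~/.purple/` has to open anything it reads from outside that directory before the chroot takes effect. It would help to add a sentence on how the core and the file transfer helper exchange requests, since that channel is what keeps a compromised core from reaching arbitrary files through the helper.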