From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dukecmmtar04.coxmail.com (dukecmmtar04.coxmail.com [68.99.120.47]) by speech.braille.uwo.ca (Postfix) with ESMTP id B6F4C10BF7 for ; Fri, 23 Oct 2009 03:11:14 -0400 (EDT) Received: from dukecmimpo03.coxmail.com ([68.99.120.137]) by dukecmmtar04.coxmail.com (InterMail vM.7.05.02.00 201-2174-114-20060621) with ESMTP id <20091023071114.NYCW15858.dukecmmtar04.coxmail.com@dukecmimpo03.coxmail.com> for ; Fri, 23 Oct 2009 03:11:14 -0400 Received: from [192.168.0.100] ([70.166.17.50]) by dukecmimpo03.coxmail.com with bizsmtp id w7BD1c00614oyBJ017BENe; Fri, 23 Oct 2009 03:11:14 -0400 Message-ID: <4AE1570D.8040105@baechler.net> Date: Fri, 23 Oct 2009 00:11:09 -0700 From: Tony Baechler User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.4pre) Gecko/20090915 Thunderbird/3.0b4 MIME-Version: 1.0 To: "Speakup is a screen review system for Linux." Subject: Re: clipboard integration -- possible security implications References: <20091020210034.GB32242@linux1> <4ADEC8D4.2040709@baechler.net> <20091021160241.GA16006@linux1> <4AE01077.7010607@baechler.net> <20091022153810.GA17686@linux1> In-Reply-To: <20091022153810.GA17686@linux1> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: speakup@braille.uwo.ca X-Mailman-Version: 2.1.12 Precedence: list Reply-To: "Speakup is a screen review system for Linux." List-Id: "Speakup is a screen review system for Linux." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Oct 2009 07:11:15 -0000 Hi, OK, how does speakupconf work if you're not root? If it can write to sys files, perhaps have it write the name of the clipboard file, the same as you would to switch synthesizers. That would give ultimate flexibility to the user, although the question is still who the current user is. I would define the current user as the one who is using Speakup at the time that text is copied to the Speakup clipboard. Another idea would be to require a user to be in a special group, similar to only making the CD drive accessible to users in the "audio" group. The group would have to manually be created, but it would be a simple matter to add all users who should be allowed to read the Speakup clipboard to that group. I had to manually add a user to the audio group before I could extract a CD. You could also give the option of using an already existing group, such as "admin" which is used by sudo. On 10/22/2009 8:38 AM, William Hubbs wrote: > How do you define the current user? It can't be the one who is > logged in since multiple users can be logged in even on a machine that > doesn't have network access (you can log into one vt as root and another > as yourself for example). > > That puts us back in a situation where the files you are talking about > have to be only accessible to root and you would have to find another > way to create the random file name you are talking about. >