Dashboard is a security risk. Widgets can do almost anything an
application can, it kind of defeats the purpose of using Workgroup
Manager to secure what applications can be run, as a student could
bring along a widget that will circumvent all this. A nice example
is the Terminal widget. That ought to make any sys admin cringe.
You could set a security policy based on the permission flags in the
plist - if none of the "allow" flags in the infoplist are set, and
there is no .widgetplugin, the widget is no more security risk than
surfing the web (and at that point, you could just open the widget's
HTML in Safari and get the same behavior).
Basically, though, if "allowSystem" is enabled or there is
a .widgetplugin, you've basically got all the issues that you've got
with a shell script or an application, respectively.
Perhaps filing a request that allows "locking down" widgets based on
those flags might be the best solution... Otherwise you might be
better off adding a kqueue watcher to see if a new widget is
installed, and (if nothing else) delete or change those flags.
(And I'm also not convinced that terminal should make a sys admin
cringe, since the whole point of the unix security model is built
around people using terminals...)
Glenn Andreas email@hidden
<http://www.gandreas.com/> wicked fun!
Widgetarium | the quickest path to widgets
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Dashboard-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/dashboard-dev/email@hidden
