[rfc][icedtea-web] "Always trust content from this publisher" defaulting to checked

Andrew Azores aazores at redhat.com
Tue May 20 18:46:10 UTC 2014


On 05/20/2014 02:28 PM, Omair Majid wrote:
> * helpcrypto helpcrypto <helpcrypto at gmail.com> [2014-05-20 14:20]:
>> For our company, the less users have to think/do, the better.
> I think this is the right approach. If you prompt users all the time,
> even for things they have trusted before, they are likely to start
> accepting all prompts. It would be disastrous if they accidentally
> accepted a malicious signed applet.

We already prompt the users *a lot*, and we do it with defaulting to 
always trusting the applet in the future. Accepting a malicious applet 
is bad, *always* accepting it is worse...

>
>> My two cents: leave it checked.
>> My two cents (2): I really don't care :P
> Agreed. Let's make sensible decisions where we can, but allow users to
> override them.
>
> Thanks,
> Omair
>

IMO the more sensible choice is to not, by default, assume the user will 
"always trust" any applet at all. If they want to always trust an applet 
and not ever be asked about it again, I think that should be a decision 
they actively make, rather than be the default that occurs if they 
blindly click OK until the applet appears.

Thanks,

-- 
Andrew A


