Krevinek
Evil PPC Tweaker
Well, the good news is that widgets are forced to sleep (their process is suspended) while Dashboard is not in the foreground. This decision was based on the idea that users should not have to put up with possibly misbehaving widgets that need to constantly update the display when there is nothing to display, sucking down CPU.
This is a definite threat, as it does open the door for all sorts of nastiness beyond what is currently capable... since this knowledge elevates the access of Dashboard widgets beyond that of a normal application. This is /bad/. Widgets should have LESS access than applications. I personally agree with the idea that Dashboard should be seperated further, even though it already has its own Daemon process, but it is tied to the system quite tightly. Have it run as nobody.
However, those who don't like Dashboard and don't bring it to the front are safe... especially since there are 4 conditions that have to be met before code can actually do something malicious:
1) User has downloaded the widget or had it installed
2) User has chosen to put the widget onto his/her dashboard screen (spawn it)
3) User has authenicated
4) User has brought Dashboard forward before the sudo timeout occurs
That is pretty user involved here, so it is much more like an old MacOS 9-style trojan than anything else. Still, it needs to be plugged ASAP, as it is a danger, and that is bad.
This is a definite threat, as it does open the door for all sorts of nastiness beyond what is currently capable... since this knowledge elevates the access of Dashboard widgets beyond that of a normal application. This is /bad/. Widgets should have LESS access than applications. I personally agree with the idea that Dashboard should be seperated further, even though it already has its own Daemon process, but it is tied to the system quite tightly. Have it run as nobody.
However, those who don't like Dashboard and don't bring it to the front are safe... especially since there are 4 conditions that have to be met before code can actually do something malicious:
1) User has downloaded the widget or had it installed
2) User has chosen to put the widget onto his/her dashboard screen (spawn it)
3) User has authenicated
4) User has brought Dashboard forward before the sudo timeout occurs
That is pretty user involved here, so it is much more like an old MacOS 9-style trojan than anything else. Still, it needs to be plugged ASAP, as it is a danger, and that is bad.