Sijun Kang wrote:

> With all due respect to what you said, I do need to point out
> that, as a starting point of making information secure,
> limiting the programs that can get access to the information
> is a good practice. And that would provide much less ends as
> to what we should protect (or fight against).

Why is it good practise? I want OpenOffice to be able to open
any Word documents that get sent to me. I want my FB utilities
to be able to open any databases that I need to play with. If
something got corrupted I _want_ to be able to analyse the
problem with separate programs.

If worried about Malware then let's address that problem, I
don't agree that generically blocking access from other apps
is necessarily a good idea (even supposing it was really
possible in this situation).

> I wish the problem could be described as a simple one of
> "administrate your computer well". But in reality, even if
> you (and me, maybe) can follow all the due diligence of
> following the best security practice and make the system as
> secure as an iron-wall, the users of your program and my
> program most likely would just depend on the application to
> provide the security (if available). If we (as programmers)
> can write such application that only requires an average-joe
> user to follow some simple rules and provide a good security
> of their data, (definely not promising the world!), I think
> that would be something worth celebrating.

You want to make it easier on them? Do it once.

Do it at the system level so everything is covered. Don't
make them have to deal with security separately for every
application. (See my other posting.)

--
Geoff Worboys
Telesis Computing