On Mon, 2009-05-04 at 09:52 +0200, Michael Biebl wrote: > > > > I have not researched it in detail yet, so I don't really know if it's a > > good > > So you are basing your request on FUD?
I don't think so. What I meant by "not researching" was whether the solution of splitting it into two packages would be plausible. As for my wider argument, I may be wrong somewhere along the line, but please correct me if that is so. My argument is this: First, as far as I know, PolicyKit is essentially a system for granting privileges to a user which he would not have without it. In other words, depending on the configuration of PolicyKit, a user may be allowed to do things he would not be allowed to without it [see note 1]. Second, the configuration and operation of PolicyKit is not well-known, unlike normal Unix security. Third, Debian previously used ordinary Unix groups to assign various HAL-related privileges to users. Everyone known how Unix groups work; if a user wasn't a member of any particular groups, he would be granted no unexpected privileges. Thus, I think it is a bad idea to install PolicyKit by default: With PolicyKit, I don't even know how permissions are granted to users. I know that it's supposed to authenticate through PAM, but I have not yet found any information on how it actually authorizes the authenticated users for the various permissions it can grant. Note, also, the following remark from the PolicyKit(8) manpage: "TODO: This manual page should contain a simple introduction to PolicyKit for a system administrator audience. Remains to be written." The same manpage points to /usr/share/doc/policykit for more information, but it only contains a README explaining why various policykit programs have the file modes they do, and nothing about how to administer PolicyKit itself. That is my conclusion. Please tell me if I'm wrong somewhere along the line. Fredrik Tolf -- Note 1: Parenthetical remark -- As such, PolicyKit, as a security system, differs from systems like SELinux which only remove privileges a user would otherwise have, and which therefore do not create any new vectors for doing privileged operations, -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org