Fredrik Tolf wrote:
> On Mon, 2009-05-04 at 09:52 +0200, Michael Biebl wrote:
>>> I have not researched it in detail yet, so I don't really know if it's a
>>> good
>> So you are basing your request on FUD?
>
> I don't think so. What I meant by "not researching" was whether the
> solution of splitting it into two packages would be plausible.
>
> As for my wider argument, I may be wrong somewhere along the line, but
> please correct me if that is so. My argument is this:
>
> First, as far as I know, PolicyKit is essentially a system for granting
> privileges to a user which he would not have without it. In other words,
> depending on the configuration of PolicyKit, a user may be allowed to do
> things he would not be allowed to without it [see note 1].

Well, that is also true for the group-based approach that was previously used in HAL, just much more coarse-grained and less flexible and dynamic.

> Second, the configuration and operation of PolicyKit is not well-known,
> unlike normal Unix security.

That basically reads like you are missing proper documentation. Have you installed policykit-doc and read the documentation provided there (best read with devhelp)? But certainly documentation can always be improved.

> Third, Debian previously used ordinary Unix groups to assign various
> HAL-related privileges to users. Everyone knows how Unix groups work; if
> a user wasn't a member of any particular groups, he would be granted no
> unexpected privileges.

We invented groups like plugdev/netdev/powerdev in HAL, to control access to the HAL D-Bus service. Yet the exact meaning of those groups is very vague (or can you tell me which privileges you exactly get by being a member of e.g. group plugdev?).

This is now replaced with PolicyKit. With the HAL PolicyKit configuration file (you can inspect the HAL PolicyKit configuration with polkit-gnome-authorization), it is much clearer (and documented) what privileges are granted.

Again, the group-based approach is less flexible, too coarse-grained, not dynamic and not scalable. Thus PolicyKit is a definite improvement (security-wise).

What I miss from your arguments are solid, technical reasons why PolicyKit is, as you put it, "a bad idea".

Cheers,
Michael

--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?