On Mon, Dec 01, 2014 at 02:10:09AM +0100, Andreas Bombe wrote: > On Sun, Nov 30, 2014 at 04:40:21PM +0000, Ivan Shmakov wrote: > > >>>>> Josselin Mouette <j...@debian.org> writes: > > > * Other users only have access to audio devices through ACLs when > > > physically logged on. > > > > Unless I be mistaken, ACLs are only applied at the time of > > open(2). What about the processes (if any) which opened an > > audio device back when it was possible, but are still running at > > the time the user logs out? > > That is how Linux works, yes. revoke() syscalls have been occasionally > proposed for at least 15 years but as far as I know no implementation > has yet been accepted in the Linux kernel. > > I don't know if logind can do or does anything beyond that. There are subsystem-specific ways to revoke access. See http://lists.freedesktop.org/archives/systemd-devel/2013-August/012897.html for the patches which added support logind. https://dvdhrm.wordpress.com/2013/08/25/sane-session-switching/ is also a good read.
Zbyszek -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141201021027.ga29...@in.waw.pl