> First, there is no safe way to revoke privileges from a user. If a user > gets access to a certain group he/she can arrange ways to keep it, > even after being logged out (make a suid binary for example).
I admit that I don't know much about the internals of Unix/Linux. So, if upon login of user "foo" ownership/permissions of /dev/audio are set to crw------- 1 foo audio 14, 4 2006-09-22 13:25 /dev/audio and after logout of "foo" and login of "bar" to crw------- 1 bar audio 14, 4 2006-09-22 13:25 /dev/audio "foo" might still be able to access /dev/audio ? > Second, several people can login at once on different VTs. True, the general case is much more involved. However, considering that the majority of desktops is single-headed, it would be most useful to be able to install a package that sets up the computer for this special case such that people can work under gnome/kde like they are used to from windows or mac-os. This includes to be able to access devices easily, but without being pried upon by curious (but otherwise friendly and non-hacker) remote users. > Why would you want to bring udev in the picture? If you think the scheme > used by pam_group (and similar) is secure enough for you, you can also grant > access to the plugdev, netdev and powerdev groups. I don't want to grant access to groups but rather want to mimic the behaviour of libpam-permdev that changes ownership/permissions of the device to grant only access to the console user. Maybe "udev" is the wrong term; with udev I mean the part of the system that creates devices dynamically and thus knows when and at which device e.g. a usb stick was plugged in, and can initiate the action of changing the ownership/permissions. I found a partial solution somewhere on the web working like that. > Note that access control > is not hard coded to plugdev in dbus, you can edit the files in /etc/udev > to have more relaxed access control. Oh, on debian you also need to change > the permissions of p{u,}mount > Afaik, fedora has pam_console or something like that does something like > you suggest; give privileges to all users that log in at the console. > Also dbus has some support for this, but this isn't compiled in the > debian version, because of the caveats I outlined above. Thanks, I'll check it. > FWIW, there has been some discussion and ideas floating > around on the HAL and DBus lists. The current consensus is that we need > a secure way for dbus/hal to know what is the current active virtual > terminal and how owns it. For mulit-head systems we need a way to > specify that certain devices (think usb ports) belong to a certain > display. > Nobody has had time to implement it yet however. Good to know. So I'm not wasting time when constructing a (simple) solution for my situation. Gernot -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]