Jon:
On 05/14/11 03:37 PM, William Jon McCann wrote:
It is certainly a serious overreaction to my statement that a proposal that is based on an internal architecture change, that uses lines of code as a metric, and didn't include a single thing that would improve the user experience seems to me like architecture astronauting.
Early in this discussion, Miguel de Icaza recommended that an audit be done to compare lightDM and GDM. While lines-of-code is often not a particularly useful metric in general, it can become an important factor when analyzing a security-related module or when doing an audit. GDM provides some really neat GNOME integration. However, much of this integration is available because it uses much of the GNOME infrastructure (gnome-settings-daemon, metacity, gnome-session, etc.). This makes the job of reviewing or auditing GDM quite complicated since it is necessary to review not only the GDM code, but all the infrastructure code that GDM uses. With GDM, it is obviously harder to keep track that changes in the GNOME infrastructure will not negatively impact the security of the display manager. It becomes more important to ensure that developers of infrastructure like g-s-d are aware of how their code is used in the GDM context, and that they write good, secure code. I do not think this is a particularly surprising insight. As long as I have worked on GDM, there has always been tension between usability and keeping security-related code as light as reasonably possible. Obviously this is somewhat subjective, but GDM is rather far at the "usability" end of the spectrum. Having said all this, I do not think this is a real problem. The GNOME community mantras are usability and simplicity. GDM fits with these mantras quite well for the typical GNOME user and is more than sufficient for keeping the average GNOME desktop secure. However, GDM may not be the best display manager choice for particular users or distros who have more stringent security requirements or who may require reviewing or auditing of security related programs like GDM. Brian _______________________________________________ desktop-devel-list mailing list desktop-devel-list@gnome.org http://mail.gnome.org/mailman/listinfo/desktop-devel-list