Hi, I'm sorry - perhaps I didn't explain very well. I was referring to the Ubuntu security model, not the fprint security model.
The way it works with username and password authentication is that if you are logged into your machine and walk away leaving it unlocked - anyone who arrives at your computer cannot change your password or add accounts without using the "sudo" command which prompts for your existing password. This model would be undermined if you have enabled fingerprint authentication and allow users to add fingers without first entering the password. The reason being; someone could arrive at an unlocked workstation - add / change a fingerprint with which to authenticate and then use that at a later stage to gain privileged access to the machine. If fprintd is going to add another way of achieving this in the future then that's great... but "adding correct permissions" to do this without root would undermine the existing Ubuntu security model, as it stands at the moment. I appreciate the issues of running GTK+ under root, but people should consider the implications and drawbacks of both sets of issues and weigh it up for their particular circumstances. I, for example would rather crash my machine than introduce the risk of compromise. I apologise if you thought I was commenting on the fprint security model as I know little to nothing about that having first come across the project about 4 days ago and I'm still only playing with it on a couple of development boxes. Kind regards Dan Dan wrote: > It's not really relevant in your case... but the security model is that > you have to run sudo to enroll new fingers... but not to run the > authentication. Personally, I think that's not a bad security model for > this type of thing. That's not true. If you have correct permissions then no sudo is needed. In fact, running fprint_demo under sudo is a bad idea - fprint_demo uses GTK+ which uses many other things, and you end up running several millions of lines of code as root. In terms of needing root to enroll fingers though, fprintd will eventually allow for control over who can/can't enroll using PolicyKit. Daniel _______________________________________________ fprint mailing list [email protected] http://lists.reactivated.net/mailman/listinfo/fprint
