On 2/17/2011 10:32 AM, GSO wrote:
I'm having an awfully hard time figuring out why a home CCTV
application might need privilege at all.  Are you sure you really need
privilege?  It sounds to me like there may be some larger design
issues mandating the need for privilege when it's not really
necessary.


A user login should only be able to view the footage.  It's important
that a user login cannot delete any images/video.  This much can be
done with ACL - but having said that a user login would still be able
to copy the images/video, so ACL would work but is not ideal - I could
prevent copying with raised privileges.  If I were to allow a user to
archive footage without using an admin login then that would require
ACL with write access, which is out of the question.

If a camera loses its connection I think it's OK to let a user restart
the camera without using gksu, but this would require raised
privileges.

There are other misc. points where I need write access.  The directory
where images are stored by the live feed can become 'messy' (for want
of a better way of putting it), write access is needed to tidy it up
before live camera images can be viewed,

Could restarts and cleanups be done with a root daemon separate from user scripts?

FWIW, I recently read an article about how some internet-connected cameras are much more accessible to the world than the owners probably intended, even to the point, sometimes, of providing access to the built-in GUI control panel. So some thought seems appropriate in this area ;-).

--
Terry Jan Reedy

--
http://mail.python.org/mailman/listinfo/python-list
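
The root-daemon split suggested in the reply above, as an added example that is not code from the thread: the privileged side accepts only two fixed requests over a Unix socket, checks the caller's uid with the Linux-only `SO_PEERCRED` option, and never executes client-supplied text. `LIVE_ROOT`, the `camNN` id scheme, the action names and the meaning of "tidy" (removing zero-byte files) are assumptions, and `restart_camera` is a placeholder for whatever restarts the real capture process.

```python
import os
import re
import socket
import struct
import tempfile

LIVE_ROOT = os.path.join(tempfile.gettempdir(), "cctv-live")  # assumed image directory
CAMERA_ID = re.compile(r"cam[0-9]{1,2}")                      # assumed naming scheme

def restart_camera(cam):
    # Placeholder: a real daemon would restart its own capture process for `cam` here.
    return f"restart queued for {cam}"

def tidy_live_dir(cam):
    # Assumed meaning of "tidy": drop zero-byte partial frames, nothing else.
    d = os.path.join(LIVE_ROOT, cam)
    removed = 0
    for name in (os.listdir(d) if os.path.isdir(d) else []):
        path = os.path.join(d, name)
        if os.path.isfile(path) and not os.path.islink(path) and os.path.getsize(path) == 0:
            os.remove(path)
            removed += 1
    return f"removed {removed} empty files for {cam}"

ACTIONS = {"restart": restart_camera, "tidy": tidy_live_dir}

def handle_request(line, peer_uid, allowed_uids):
    """Map one client line onto a fixed action; client text is never executed."""
    if peer_uid not in allowed_uids:
        return "ERR not authorised"
    parts = line.split()
    if len(parts) != 2 or parts[0] not in ACTIONS:
        return "ERR unknown request"
    action, cam = parts
    if not CAMERA_ID.fullmatch(cam):   # rejects paths such as ../../etc
        return "ERR bad camera id"
    return "OK " + ACTIONS[action](cam)

def get_peer_uid(conn):
    """Linux only: the kernel reports the uid at the other end of a Unix socket."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    _pid, uid, _gid = struct.unpack("3i", raw)
    return uid

def serve_one(conn, allowed_uids):
    """Handle a single request on an accepted connection and send the reply."""
    with conn:
        line = conn.recv(256).decode("ascii", "replace")
        reply = handle_request(line, get_peer_uid(conn), allowed_uids)
        conn.sendall(reply.encode("ascii") + b"\n")
    return reply
```

The viewing scripts then need only read access to the footage, while the daemon alone holds write access to the live directory.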
