[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#262507: ITP: resmgr -- resource manager library

On Wed, Oct 27, 2004 at 05:03:43PM +0200, Julien BLACHE wrote:
> For those of you interested, I've uploaded resmgr 1.0-1 to
> experimental (must go through NEW, etc.).
> I'll upload a version of sane-backends built with resmgr support to
> experimental when sane-backends 1.0.15 will be released (end of next
> week, IIRC).
> I plan to have SANE built with resmgr support for Etch, and I hope
> other applications will support resmgr too. It can make life a lot
> easier, and changes to the code are really minimal.

It is, however, a security hole; it's functionally equivalent to
pam_console (which we declined to ship in the past) and has the same
problems. As such it's not really an improvement in security over
making devices group- or world-accessible.

resmgr must not be enabled by default and should carry a big warning;
you can only use it in scenarios where you would be willing to use

(Why somebody bothered to implement resmgr instead of simply enhancing
pam_console is beyond me; probably NIH)

  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

Reply to: