Re: gdm/Gnome/KDE and device permissions

To: debian-devel@lists.debian.org
Subject: Re: gdm/Gnome/KDE and device permissions
From: Roland Mas <lolando@debian.org>
Date: Wed, 11 Oct 2006 14:10:16 +0200
Message-id: <[🔎] 87wt772guv.fsf@mirexpress.internal.placard.fr.eu.org>
References: <[🔎] E1GXbwp-00087S-S8@polaris.logic.tuwien.ac.at> <[🔎] egiklp$sgs$1@sea.gmane.org>

Sam Morris, 2006-10-11 13:40:08 +0200 :

> I think HAL/PolicyTool/pam_foreground will eventually give us a
> (slow?) solution to problems like this, but it's some way off at the
> moment. Being able to add/revoke permissions with traditional
> security methods (i.e. group membership) requires kernel
> modification AFAIK.

One could envision usage of POSIX ACLs.  Very hackish, but some daemon
could add an ACL entry to various files in /dev when a user logs in,
or logs out, or time passes, or some device is plugged in, or
whatever.  No need for special groups.  Of course, maintenance would
probably be a nightmare, unless there's a way to share ACLs between
files that I'm not aware of.

Roland.
-- 
Roland Mas

Ace of clubs?  Let's see that.
European Juggling Convention -- Carvin, France.  http://ejc2004.org

Reply to:

Follow-Ups:
- Re: gdm/Gnome/KDE and device permissions
  - From: Raphael Hertzog <hertzog@debian.org>

References:
- gdm/Gnome/KDE and device permissions
  - From: Gernot Salzer <salzer@logic.at>
- Re: gdm/Gnome/KDE and device permissions
  - From: "Sam Morris" <sam@robots.org.uk>

Prev by Date: Re: anticipating the upstart migration
Next by Date: Returned mail: Data format error
Previous by thread: Re: gdm/Gnome/KDE and device permissions
Next by thread: Re: gdm/Gnome/KDE and device permissions
Index(es):
- Date
- Thread