This one time, at band camp, Marco d'Itri said: > On Mar 17, Stephen Gran <sgran@debian.org> wrote: > > This is the thinkpad /dev/nvram stuff, right? I thought for some tpctl > > utilities to work, you currently need to be in group nvram. Making that > > equivalent to kmem seems unnecessarily broad to me. > > Users must not be in specific groups to access hardware, this is broken > and insecure. That's the first I've heard that argument - of course you don't give untrusted users access to hardware, but we've always managed access to devices with group membership (lp, dialout, etc). Are you proposing that should change? Cheers, -- ----------------------------------------------------------------- | ,''`. Stephen Gran | | : :' : sgran@debian.org | | `. `' Debian user, admin, and developer | | `- http://www.debian.org | -----------------------------------------------------------------
Attachment:
signature.asc
Description: Digital signature