Re: MATE 1.8 has now fully arrived in Debian

To: debian-devel@lists.debian.org
Subject: Re: MATE 1.8 has now fully arrived in Debian
From: Svante Signell <svante.signell@gmail.com>
Date: Fri, 27 Jun 2014 11:53:17 +0200
Message-id: <[🔎] 1403862797.12686.11.camel@G3620.my.own.domain>
Reply-to: svante.signell@gmail.com
In-reply-to: <[🔎] 1403793121.14272.73.camel@s1499.it.kth.se>
References: <[🔎] 1403773037.14436.190.camel@dsp0698014> <[🔎] logpfo$o6$1@ger.gmane.org> <[🔎] 53ABEF09.1080609@debian.org> <[🔎] 1403777156.13072.62.camel@G3620.my.own.domain> <[🔎] 53AC0BF7.7030604@free.fr> <[🔎] 1403786016.14272.51.camel@s1499.it.kth.se> <[🔎] 53AC17AD.3090304@debian.org> <[🔎] 1403793121.14272.73.camel@s1499.it.kth.se>

Before this part of the thread dies out, can anybody comment on this,
Simon, Ansgar, Jean-Christophe, ...?

On Thu, 2014-06-26 at 16:32 +0200, Svante Signell wrote:
> On Thu, 2014-06-26 at 13:53 +0100, Simon McVittie wrote:
> > On 26/06/14 13:33, Svante Signell wrote:
> > > Of course with the additional check that the students are logged in to
> > > that box locally, did I forget to mention that?
> > 
> > ... or
> > something involving utmp/wtmp/other traditions.
> > 
> > utmp(5) says "many system programs (foolishly) depend on its integrity"
> > so be very careful with security implications if you go that way. I
> > wouldn't want anything relying on utmp for its security on my systems.
> 
> Maybe I'm naive but doesn't utmp(5) solve this problem?
> 
> who(1) tells me in clear-text if I'm logged in locally or remote:

Here

> Are there serious security problems with ancient utmp that cannot be
> solved?

And here.

Even systemd use utmp: man -k utmp shows:
systemd-update-utmp (8) - Write audit and utmp updates at runlevel
changes and shutdown
systemd-update-utmp-runlevel.service (8) - Write audit and utmp updates
at runlevel changes and shutdown
systemd-update-utmp-shutdown.service (8) - Write audit and utmp updates
at runlevel changes and shutdown

And utmp is universal unix, not something linux-specific (which systemd
is)

Controlling who is allowed to shutdown a computer is not that difficult
in *nix*, without systemd: create a shutdown group and
parse /var/run/utmp, or??

Reply to:

Follow-Ups:
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Simon McVittie <smcv@debian.org>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Ansgar Burchardt <ansgar@debian.org>

References:
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Josselin Mouette <joss@debian.org>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Thorsten Glaser <tg@debian.org>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Ansgar Burchardt <ansgar@debian.org>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Svante Signell <svante.signell@gmail.com>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Jean-Christophe Dubacq <jcdubacq1@free.fr>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Svante Signell <svante.signell@gmail.com>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Simon McVittie <smcv@debian.org>
- Re: MATE 1.8 has now fully arrived in Debian
  - From: Svante Signell <svante.signell@gmail.com>

Prev by Date: Re: MATE 1.8 has now fully arrived in Debian
Next by Date: Re: MATE 1.8 has now fully arrived in Debian
Previous by thread: Re: MATE 1.8 has now fully arrived in Debian
Next by thread: Re: MATE 1.8 has now fully arrived in Debian
Index(es):
- Date
- Thread