Is it safe to let every user become member of the fuse group?
In bug <URL:http://bugs.skolelinux.no/show_bug.cgi?id=1184>, it became
clear that one missing configuration to get local devices on thin
clients working out of the box is the lack of automatic gruop
membership in the fuse file group. This can be solved by editing
/etc/security/group.conf to add all users to the fuse group when they
log in. Is this safe to do? What else can the fuse group membership
be used for?
If it is safe, I suggest we add a line "*; *; *; Al0000-2400; fuse" at
the end of that file to make sure every logged in user is added to the
group. Preferably I would only add users logging in on a thin client
to that group, but as far as I can see, there is no way to identify
that use that the pam_group module is able to detect. It can be
identified using environment variables, but the pam_group module can
only look at tty and program names, and neither is special for LTSP