Re: Permission for 'dev/pmu'

[Michael Schmitz <schmitz@opal.biophys.uni-duesseldorf.de>]

> > The error message won't appear if your user has access to the pmu, which is the
> > case on my system. But that's ofcourse wrong to do by default.
>
> What do you respond to Christoph's critic, which was if i remember well :
>
>   "no unaudited gnome app should have such direct access to my hardware".
>
> And the evident unsecurity of this process ?

There's not much you can do about that - remember that access to /dev/pmu
means the console user (if you restrict access by means of some console
group) can result in PMU communications hiccup, and when the PMU finds the
host has borked the communications, it will shut down power after some
timeout, no questions asked. I often find the clock reset to 1904 after
such a reset, boot variables cleared, and so on.

> I hear that a consensus seems to be forming up that pbuttonsd offer this same
> functionality, and thus acme doesn't really need to be doing it, and i am much

That's one option. And fblevel from powerpc-utils could be installed suid
root and used by acme to control brightness, without need for user level
access to /dev/pmu, for those who don't wish to install pbbuttonsd. (The
alternative, for acme to set the effective user ID to root before opening
the PMU, is perhaps too unsafe to consider).

	Michael