1 |
On Sat, 2007-10-20 at 04:32 +0000, Duncan wrote: |
2 |
> > It would be a Good Thing if new local accounts could be added to group |
3 |
> > plugdev when they're created. |
4 |
|
5 |
This is mostly just wishful thinking. There are a number of groups that |
6 |
a desktop user should be added to, depending on what's to be done with |
7 |
the system. I quite agree with you in general on the security issue, |
8 |
when I think about it, but not if the box is a single-user desktop |
9 |
system. |
10 |
|
11 |
> Adding users you wish to have this access to the plugdev group is indeed |
12 |
> the correct solution, and indeed, mentioned in the log messages for the |
13 |
> hal package when you merge it. Check your portage messages log, or see |
14 |
> the elog at the end of the hal ebuilds if necessary. So the instructions |
15 |
> were there for you to read if you wanted to. |
16 |
|
17 |
Gentoo does its best with the portage log messages, and has improved |
18 |
recently, and I actually helped write the enotice utility that some |
19 |
people use to read these things. The bottom line, however, is that it's |
20 |
still an very inconvenient format for essential documentation. Your |
21 |
comment is a bit like saying that the instructions for the tool you just |
22 |
bought are pasted to the inside of the shipping carton, and, well, if |
23 |
you don't understand how it works, just RTFM ;-) |
24 |
|
25 |
On top of this, there was nothing in the error message I got to |
26 |
positively identify this problem as as Hal issue any more than a Dbus |
27 |
issue. The error box text said to see the Dbus config file, which |
28 |
really didn't help much. |
29 |
|
30 |
The Gentoo spec for package metadata (metadata.xml) contains a virtually |
31 |
unused field, <longdescription>, which could easily be used to contain |
32 |
tidbits of this sort. I've lobbied on Gentoo bugzilla to have this |
33 |
field used more constructively for this sort of information, but didn't |
34 |
get anywhere. One could have emerege or better, equery be able to pull |
35 |
up this info per package. The down side, of course, is that it would |
36 |
increase the size of the portage tree, but the essential information is |
37 |
already being stored in the ebuilds and is output to a running log that |
38 |
can be many megs long and not designed to be searchable. |
39 |
|
40 |
> However, security-wise, you've hit a bit of a raw nerve here, so excuse |
41 |
> me while I rant a bit... |
42 |
|
43 |
You're excused ;-) |
44 |
|
45 |
> It would *NOT* be a "Good Thing" (r), and in fact, would be a very "Bad |
46 |
> Thing" (r) to do this automatically when new users are created, as that |
47 |
> kills important aspects of the Unix/Linux security model, the entire |
48 |
> reason the generic "users" group isn't used in the first place. There |
49 |
> are good reasons sysadmins may not WANT every user to have automount |
50 |
> rights, and it's already possible to expand your newuser scripts locally |
51 |
> to automatically add a user to various groups, if you as sysadmin decide |
52 |
> that's what you want to do. |
53 |
|
54 |
I think one of the problems we have as sysadmins is that we often fail |
55 |
to distinguish between the security model required for a classic Unix |
56 |
multi-user system and a Linux desktop box which probably runs on a |
57 |
private network with probably only one or two users who are logged on |
58 |
sequentially rather than simultaneously. In the former case, you're |
59 |
quite right. I've been seriously rethinking the matter of security for |
60 |
the latter case. |
61 |
|
62 |
> So... please think before you make requests for automating procedures |
63 |
> that effectively automate the creation of security holes. If you want |
64 |
> platforms that do such things, they are available; no need to make Gentoo |
65 |
> into one of them by default. |
66 |
|
67 |
If I'd seriously wanted to make a request, I'd have filed an enhancement |
68 |
request on Gentoo bugzilla, and indeed I would have given it a good deal |
69 |
more thought. This was not so much a request here as an aside, thinking |
70 |
that there needs to be some documentation format more convenient than |
71 |
e.g. fishing through portage logs for finding out how to properly tweak |
72 |
a user account on a desktop system in order to get it to work properly |
73 |
with various facilities on the host box. |
74 |
|
75 |
-- |
76 |
Lindsay Haisley | "In an open world, | PGP public key |
77 |
FMP Computer Services | who needs Windows | available at |
78 |
512-259-1190 | or Gates" | http://pubkeys.fmp.com |
79 |
http://www.fmp.com | | |
80 |
|
81 |
-- |
82 |
gentoo-desktop@g.o mailing list |