| 1 |
On Sat, 2007-10-20 at 04:32 +0000, Duncan wrote: |
| 2 |
> > It would be a Good Thing if new local accounts could be added to group |
| 3 |
> > plugdev when they're created. |
| 4 |
|
| 5 |
This is mostly just wishful thinking. There are a number of groups that |
| 6 |
a desktop user should be added to, depending on what's to be done with |
| 7 |
the system. I quite agree with you in general on the security issue, |
| 8 |
when I think about it, but not if the box is a single-user desktop |
| 9 |
system. |
| 10 |
|
| 11 |
> Adding users you wish to have this access to the plugdev group is indeed |
| 12 |
> the correct solution, and indeed, mentioned in the log messages for the |
| 13 |
> hal package when you merge it. Check your portage messages log, or see |
| 14 |
> the elog at the end of the hal ebuilds if necessary. So the instructions |
| 15 |
> were there for you to read if you wanted to. |
| 16 |
|
| 17 |
Gentoo does its best with the portage log messages, and has improved |
| 18 |
recently, and I actually helped write the enotice utility that some |
| 19 |
people use to read these things. The bottom line, however, is that it's |
| 20 |
still an very inconvenient format for essential documentation. Your |
| 21 |
comment is a bit like saying that the instructions for the tool you just |
| 22 |
bought are pasted to the inside of the shipping carton, and, well, if |
| 23 |
you don't understand how it works, just RTFM ;-) |
| 24 |
|
| 25 |
On top of this, there was nothing in the error message I got to |
| 26 |
positively identify this problem as as Hal issue any more than a Dbus |
| 27 |
issue. The error box text said to see the Dbus config file, which |
| 28 |
really didn't help much. |
| 29 |
|
| 30 |
The Gentoo spec for package metadata (metadata.xml) contains a virtually |
| 31 |
unused field, <longdescription>, which could easily be used to contain |
| 32 |
tidbits of this sort. I've lobbied on Gentoo bugzilla to have this |
| 33 |
field used more constructively for this sort of information, but didn't |
| 34 |
get anywhere. One could have emerege or better, equery be able to pull |
| 35 |
up this info per package. The down side, of course, is that it would |
| 36 |
increase the size of the portage tree, but the essential information is |
| 37 |
already being stored in the ebuilds and is output to a running log that |
| 38 |
can be many megs long and not designed to be searchable. |
| 39 |
|
| 40 |
> However, security-wise, you've hit a bit of a raw nerve here, so excuse |
| 41 |
> me while I rant a bit... |
| 42 |
|
| 43 |
You're excused ;-) |
| 44 |
|
| 45 |
> It would *NOT* be a "Good Thing" (r), and in fact, would be a very "Bad |
| 46 |
> Thing" (r) to do this automatically when new users are created, as that |
| 47 |
> kills important aspects of the Unix/Linux security model, the entire |
| 48 |
> reason the generic "users" group isn't used in the first place. There |
| 49 |
> are good reasons sysadmins may not WANT every user to have automount |
| 50 |
> rights, and it's already possible to expand your newuser scripts locally |
| 51 |
> to automatically add a user to various groups, if you as sysadmin decide |
| 52 |
> that's what you want to do. |
| 53 |
|
| 54 |
I think one of the problems we have as sysadmins is that we often fail |
| 55 |
to distinguish between the security model required for a classic Unix |
| 56 |
multi-user system and a Linux desktop box which probably runs on a |
| 57 |
private network with probably only one or two users who are logged on |
| 58 |
sequentially rather than simultaneously. In the former case, you're |
| 59 |
quite right. I've been seriously rethinking the matter of security for |
| 60 |
the latter case. |
| 61 |
|
| 62 |
> So... please think before you make requests for automating procedures |
| 63 |
> that effectively automate the creation of security holes. If you want |
| 64 |
> platforms that do such things, they are available; no need to make Gentoo |
| 65 |
> into one of them by default. |
| 66 |
|
| 67 |
If I'd seriously wanted to make a request, I'd have filed an enhancement |
| 68 |
request on Gentoo bugzilla, and indeed I would have given it a good deal |
| 69 |
more thought. This was not so much a request here as an aside, thinking |
| 70 |
that there needs to be some documentation format more convenient than |
| 71 |
e.g. fishing through portage logs for finding out how to properly tweak |
| 72 |
a user account on a desktop system in order to get it to work properly |
| 73 |
with various facilities on the host box. |
| 74 |
|
| 75 |
-- |
| 76 |
Lindsay Haisley | "In an open world, | PGP public key |
| 77 |
FMP Computer Services | who needs Windows | available at |
| 78 |
512-259-1190 | or Gates" | http://pubkeys.fmp.com |
| 79 |
http://www.fmp.com | | |
| 80 |
|
| 81 |
-- |
| 82 |
gentoo-desktop@g.o mailing list |
Archives