1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA256 |
3 |
|
4 |
On 02/21/2015 01:35 AM, Ulrich Mueller wrote: |
5 |
>>>>>> On Fri, 20 Feb 2015, Daniel Campbell wrote: |
6 |
> |
7 |
>> When this becomes more widespread, what action are users urged |
8 |
>> to take in order to "migrate" to the new system? Should our |
9 |
>> everyday user account be removed from the `games` group, and the |
10 |
>> group should be removed altogether? |
11 |
> |
12 |
> Currently, users need not take any action. |
13 |
> |
14 |
> In the hypothetical case that games.eclass would be abandoned, the |
15 |
> "games" group would likely go away and should then be removed from |
16 |
> users' systems. However, with about 1000 ebuilds currently |
17 |
> inheriting games.eclass, I don't see that happening any time soon. |
18 |
> There's a long discussion on this topic in the nethack bug [1]. |
19 |
|
20 |
Okay, I'll check that out. It seems that if the group is ever deemed |
21 |
obsolete, it would gain a news item or something similar. |
22 |
|
23 |
> |
24 |
> Personally, I think that controlling who is allowed to run certain |
25 |
> types of applications via group membership is a great idea. We |
26 |
> should introduce that approach for other applications too. How |
27 |
> about an "editors" group? Text editors are potentially dangerous |
28 |
> because they allow users to modify files. Therefore, the system |
29 |
> administrator should add only trusted users to the "editors" group |
30 |
> so they can run programs like emacs, nano, or vim from the |
31 |
> app-editors category. |
32 |
> |
33 |
> Ulrich |
34 |
> |
35 |
> [1] https://bugs.gentoo.org/125902 |
36 |
> |
37 |
I hadn't thought of that! Would testing that idea require much beyond |
38 |
creating the group, adding users, and chmodding the binaries? It seems |
39 |
like it'd make a good USE option for those running servers with strict |
40 |
permission needs. Then again, isn't that what LDAP or ACL are designed |
41 |
to handle? |
42 |
-----BEGIN PGP SIGNATURE----- |
43 |
Version: GnuPG v2 |
44 |
|
45 |
iQEcBAEBCAAGBQJU6UByAAoJEJUrb08JgYgH80wH/RSeCKr8xF4N0WsY4mgfjtRX |
46 |
TOWSJI/SF+Cb38IHUupKLrP0Hyp1VQud9lI2KZTS6UVj/qUhJBdOHMT9TGeAzZvI |
47 |
rVss1RQMcW/ZPNhBa0M5i/mgopKqWaFyoLY9BWEqBa1cg26Sh43PbeFpdpI7wChR |
48 |
4ya3NO9Hzc2zLLlpMjMGCVsJsuM7E24YonD9poGYP3LmBw4ZGnNN00YWnLofFMlj |
49 |
8M3tr0FZ7ALlAsB2sb7vMTkUSX4s3t442Li+D1ihocZMGMSQ+NeJOwhzQAMAU7nx |
50 |
3kzwGg+IDaaYrDOL4FnuJ4tOtc8DGKlzLj71VvJnhsvkxh2Hn3ljUZYeaJqoY1A= |
51 |
=7xED |
52 |
-----END PGP SIGNATURE----- |