Gentoo Archives: gentoo-dev

From: Alec Warner <antarus@g.o>
To: gentoo-dev@l.g.o
Subject: Re: Debian patching KDE to use /etc for configuration (was: Re: [gentoo-dev] Re: Re: call for testers: udev predictable network interface names)
Date: Tue, 15 Jan 2013 16:19:55
Message-Id: CAAr7Pr-03ES42d=DCad_iM4j5EsVW4apKwT8GwNmEfgdC1oyrA@mail.gmail.com
In Reply to: Re: Debian patching KDE to use /etc for configuration (was: Re: [gentoo-dev] Re: Re: call for testers: udev predictable network interface names) by Rich Freeman
On Tue, Jan 15, 2013 at 3:00 AM, Rich Freeman <rich0@g.o> wrote:
> On Tue, Jan 15, 2013 at 5:25 AM, Kevin Chadwick <ma1l1ists@××××××××.uk> wrote:
>>
>> I still assert that apps adding groups with NOPASSWD sudoers lines
>> perhaps even commented out by default in all or some cases is far
>> better than polkit for many reasons. Any counter argument can apply
>> to sudo too and rather easily.
>>
>
> I think you need to consider the use case for polkit and such. I
> believe they were focused on Linux on the desktop. Imagine you have
> 10,000 users running Linux on the desktop. Anybody can log into any
> PC. Do you want anybody to be able to remote login to any PC and
> access the webcam and audio, or access local USB drives and such
> (which do not have POSIX security applied to their filesystems)?
> Unless sudo has some config setting that allows access only when
> logged in via console it isn't really a solution.
>
> Rich
>

I manage 'thousands' of desktops at Google and we generally like
polkit. It is, however, designed for graphical UI single-seat systems.
Its command line support sucks (they only added a CLI auth agent in
May) and it is not well adopted. Multi-user systems do not work well
with polkit. Certainly with polkit and dbus you can allow users to
take more specific action without complex wrappers, setuid scripts, or
sudo. My package manager can have a polkit action like 'install a
signed package' and I can grant the user access to do that, but not
access to install unsigned packages (root exploit there...) or run
other dangerous apt commands. It comes built into apt, so I don't have
to write extra wrappers.

I don't recommend letting anyone log into any desktop, from a security
policy POV :)

-A
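The kind of polkit rule the message above describes, as an added example that is not part of the thread or of any real package manager's policy: one action ("install a signed package") is granted to a group, but only for a caller at the local, active seat, which is the check Rich notes sudo cannot express; a second action ("install an unsigned package") is denied outright. Real rules run inside polkitd's JavaScript engine, so the file also carries a tiny stand-in for the parts of that engine the rule uses (polkit.addRule, polkit.Result, subject.isInGroup, subject.local, subject.active, action.id). That stand-in is a model for illustration, not polkitd; the action IDs (com.example.pkg.*) and the group name pkg-installers are hypothetical.

```javascript
'use strict';

// --- Minimal model of the polkit rules API (illustration only, not polkitd).
// polkitd evaluates rules in order and stops at the first rule that returns
// something other than NOT_HANDLED; if no rule decides, the default from the
// action's .policy file applies. That is what _evaluate() mimics.
const polkit = {
  Result: {
    YES: 'yes',
    NO: 'no',
    AUTH_ADMIN: 'auth_admin', // prompt for an administrator's password
    NOT_HANDLED: null,        // defer to later rules / the .policy default
  },
  _rules: [],
  addRule(fn) { this._rules.push(fn); },
  _evaluate(action, subject, policyDefault) {
    for (const rule of this._rules) {
      const r = rule(action, subject);
      if (r !== null && r !== undefined) return r;
    }
    return policyDefault;
  },
};

// --- The rule, written as it would appear in /etc/polkit-1/rules.d/*.rules.
// Action IDs and the group name are hypothetical.
polkit.addRule(function (action, subject) {
  // Installing an unsigned package is arbitrary code as root: deny it
  // flatly rather than falling through to an admin-password prompt.
  if (action.id === 'com.example.pkg.install-unsigned') {
    return polkit.Result.NO;
  }
  if (action.id === 'com.example.pkg.install-signed') {
    // The seat check: subject.local is false for ssh/remote logins and
    // subject.active is false for a session that is not the one currently
    // on the console. Neither has a NOPASSWD sudoers equivalent.
    if (!subject.local || !subject.active) {
      return polkit.Result.NO;
    }
    if (subject.isInGroup('pkg-installers')) {
      return polkit.Result.YES;
    }
  }
  // Anything else: let the action's .policy default decide.
  return polkit.Result.NOT_HANDLED;
});

// --- Exercise the rule with a constructed caller description.
// `fields` is a constructed stand-in for what polkitd knows about the
// caller: { user, groups, local, active }.
function decide(actionId, fields, policyDefault = polkit.Result.AUTH_ADMIN) {
  const subject = {
    user: fields.user,
    local: Boolean(fields.local),
    active: Boolean(fields.active),
    isInGroup(g) { return (fields.groups || []).includes(g); },
  };
  return polkit._evaluate({ id: actionId }, subject, policyDefault);
}

// Constructed sample callers: same user and group, differing only in seat.
const atConsole = { user: 'alice', groups: ['pkg-installers'], local: true, active: true };
const overSsh   = { user: 'alice', groups: ['pkg-installers'], local: false, active: false };

console.log('signed install, at console:', decide('com.example.pkg.install-signed', atConsole));
console.log('signed install, over ssh:  ', decide('com.example.pkg.install-signed', overSsh));
console.log('unsigned install, console: ', decide('com.example.pkg.install-unsigned', atConsole));
console.log('unrelated action, console: ', decide('com.example.pkg.update-cache', atConsole));
```

The interesting branch is the seat check: the same user with the same group membership gets YES at the console and NO over ssh, without any wrapper or setuid helper on the application side. Note that a rule returning NOT_HANDLED for an action does not deny it; the action's .policy default (here modelled as AUTH_ADMIN) still applies, so an explicit NO is needed where a prompt must never be offered.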
