G-P-M on the wrong track?!
Martin Pitt
martin at piware.de
Mon Oct 17 01:24:41 PDT 2005
Hi!
Michael Krivoruchko [2005-10-16 20:38 +0100]:
> Moreover, a single daemon simply should not have all the privileges
> necessary to control all possible type of devices. This is specifically
> true on multiuser systems. Therefore, I believe, the daemon should
> remain a centralized facility which provides an information about devices
> to the desktop applications.
*wholeheartedly agree*
Hal can currently run perfectly without root privileges, and it should
stay that way. Every task that requires root privileges belongs into a
separate program (which might be a daemon, or dbus service) that is
small, specific, can be audited, and has a clearly defined an minimal
interface to the user.
So please keep the current design of hal and resist the temptation to
include active elements into it. You will sacrifice both security and
flexibility.
Thanks,
Martin
--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntu.com
Debian Developer http://www.debian.org
In a world without walls and fences, who needs Windows and Gates?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.freedesktop.org/archives/hal/attachments/20051017/4c1d3f8c/attachment.pgp
More information about the hal
mailing list