formatting/partitioning methods in HAL

Christopher Santero csantero at gmail.com
Sun Jan 15 08:40:52 PST 2006


On 1/15/06, Artem Kachitchkine <Artem.Kachitchkin at sun.com> wrote:
> Security policies have their scope and context. I think we should allow
> for various types of users and environments. The best way to look at the
> problem, IMO, is via a concept of device ownership. Consider two examples:
>
> 1. We establish that the device just plugged in is exclusively owned by
> the console user on a single-console system. In this case, allowing the
> user to format the device he owns is a reasonable expectation.
>
> 2. We establish that the device just plugged in is shared among a group
> of users. In this case, in order to format the device a higher privilege
> might be required.
>
> Of course, until the operating environment has a clear mechanism for
> group device ownership, case 2 is very uncommon. For case 1, a
> reasonable default policy would be to grant formatting privilege for
> hotpluggable and removable media attributes; and allow sysadmins to
> disable this if they wish.

Why can't we just pick up the permissions from the associated /dev
file, and allow/disallow access based on that? This all seems like
it's the admin's and distro's domain.

Chris
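
The permission check proposed in the reply above, as an added example that is not part of the original post or of HAL's code: it decides whether a user may write to (and so format) a device from the owner, group and mode of its /dev node. The function names and the sample uid/gid values are assumptions made for illustration, and ACLs are not considered.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Classic owner/group/other write check against a device node's stat data.
 * Exactly one permission class applies: owner, else group, else other.
 * ACLs and capabilities are ignored (assumption of this sketch). */
bool dac_allows_write(const struct stat *st, uid_t uid,
                      const gid_t *groups, size_t ngroups)
{
    if (uid == 0)
        return true;                          /* root bypasses mode bits */
    if (st->st_uid == uid)
        return (st->st_mode & S_IWUSR) != 0;  /* owner class only */
    for (size_t i = 0; i < ngroups; i++)
        if (groups[i] == st->st_gid)
            return (st->st_mode & S_IWGRP) != 0;
    return (st->st_mode & S_IWOTH) != 0;
}

/* Hypothetical policy hook: may `uid` format the device at `devpath`?
 * Anything that cannot be stat'ed or is not a block device is refused. */
bool may_format(const char *devpath, uid_t uid,
                const gid_t *groups, size_t ngroups)
{
    struct stat st;
    if (stat(devpath, &st) != 0 || !S_ISBLK(st.st_mode))
        return false;
    return dac_allows_write(&st, uid, groups, ngroups);
}

/* Constructed sample: permission data of a node owned by uid 0, gid 6,
 * mode 0660, as an admin or distro might set it for a "disk" group. */
struct stat sample_node(void)
{
    struct stat st;
    memset(&st, 0, sizeof st);
    st.st_mode = 0660;
    st.st_uid = 0;
    st.st_gid = 6;
    return st;
}
```

The result reflects the node's ownership and mode at the moment of the stat() call, so a daemon acting on it later should re-check or open the device with the caller's credentials.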

