per seat hardware and login managers

Richard Hughes hughsient at gmail.com
Tue Mar 20 04:25:15 PDT 2007


On Mon, 2007-03-19 at 23:04 -0400, David Zeuthen wrote:
> I think we need to just do this; in many ways it is indeed it's own
> session and it would reduce ugly things like this
> 
>  http://cvs.fedora.redhat.com/viewcvs/devel/gdm/90-grant-audio-devices-to-gdm.fdi?rev=1.1&view=auto
> 
> to just being normal policy because right now gdm can always access
> your
> sound devices... (not a huge attack vector but a bit annoying
> nonetheless). 

So what is the problem with doing this? Why was it not done years ago -
is there some subtlety I'm missing?

Richard.




More information about the hal mailing list