[fprint] Is there an option for fprintd to disable policy checking?

Karsten Jeppesen arm9263 at yahoo.com
Wed Aug 29 00:21:46 PDT 2012 

Hi Bastien,

Well I could be working against the stream - you tell  me, please.

What I am attempting to do is this: We have an application (Qt based) where we would like to use fingerprints to authorize the use of some functionality. So the application itself will not be "changing user" rather it just needs to know who is actually authorizing a special operation at a certain point in time.

I know you built the fprintd specially targetting PAM, but since Qt has an excellent DBUS support it seemed obvious to let fprintd connect to Qt using DBUS to facilitate the authorization. Its a bit different than the log-in procedure.

But thanks anyway for your reply, it was helpful,

Sincerely,
Karsten Jeppesen



________________________________
 From: Bastien Nocera <hadess at hadess.net>
To: Karsten Jeppesen <arm9263 at yahoo.com> 
Cc: fprint mailing list <fprint at lists.freedesktop.org> 
Sent: Tuesday, August 28, 2012 3:51 PM
Subject: Re: [fprint] Is there an option for fprintd to disable policy checking?
 
On Tue, 2012-08-28 at 05:25 -0700, Karsten Jeppesen wrote:
> Hi Guys,
> 
> 
> 
> 
> On embedded platforms (ARM9) there are but one user: root. (Not like
> highlander, there can be more than one) but usually not.
> And theres isn't that much space.
> So the policy checking in device.c
> Can it be disabled? (doesn't look like it)
> Just asking before using the big cut n paste approach.

I don't understand why you'd want or need to do that when:
- you already use D-Bus and dbus-glib
- you should _really_ be using separate users otherwise what's the point
of using fprintd when you could talk to the fingerprint reader directly
(and lose all privileges separation at the same time)

It's not possible to remove the dependency, and there's no plans to make
that possible.

Cheers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/fprint/attachments/20120829/f0899efa/attachment.html>

More information about the fprint mailing list