G-P-M on the wrong track?!

Martin Pitt martin at piware.de
Mon Oct 17 01:24:41 PDT 2005


Michael Krivoruchko [2005-10-16 20:38 +0100]:
> Moreover, a single daemon simply should not have all the privileges
> necessary to control all possible type of devices. This is specifically
> true on multiuser systems. Therefore, I believe, the daemon should
> remain a centralized facility which provides an information about devices
> to the desktop applications.

*wholeheartedly agree*

Hal can currently run perfectly without root privileges, and it should
stay that way. Every task that requires root privileges belongs into a
separate program (which might be a daemon, or dbus service) that is
small, specific, can be audited, and has a clearly defined an minimal
interface to the user.

So please keep the current design of hal and resist the temptation to
include active elements into it. You will sacrifice both security and


Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

In a world without walls and fences, who needs Windows and Gates?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.freedesktop.org/archives/hal/attachments/20051017/4c1d3f8c/attachment.pgp

More information about the hal mailing list