hal privileges [was: Re: [Utopia] gnome-mount 0.3 is out]

Phillip Susi psusi at cfl.rr.com
Thu Jan 12 10:08:09 PST 2006 

You are still completely ignoring the issue of security and have the 
same attitude that Microsoft does, which is to say, that users at the 
console should just log in as root.

There are a million good reasons to worry about security, and there are 
a lot of hal users who do, if you do not, that is your choice, but do 
not claim that nobody should worry about about it.

One example where a lot of people would worry is with a laptop.  A 
business person often walks around with data on their laptop that is far 
more valuable than the laptop itself, which is why they may choose to 
encrypt the hard drive.  Someone can steal the laptop and smash it to 
bits, but their data is safe because they encrypted it, but if someone 
can plug in a usb stick that will root the laptop and steal their data, 
and even install a keylogger that can capture other sensitive 
information like passwords, long after the user takes the laptop back 
home and has no idea they are being spied on.

Another example is a photo printing kiosk in a store.  The clerks would 
notice someone taking an axe to the kiosk, but the real problem is if 
someone can bring in a usb stick that instead of printing out photos, 
would reconfigure the kiosk to send them copies of everyone's photos.

If you don't care about security, that's your choice, but you don't 
write software for general public use with that mentality, because some 
people DO care.

David Zeuthen wrote:
> Sigh... If the user is able to insert a USB key to the system, then he
> is also able to wield an axe through it and destroy it that way. Sure,
> let's fix that bug, but, for the love of $DEITY, this is _not_ an attack
> vector that is worth bothering about. 
> 
> No, I don't want to hear stupid stories about the actual motherboard of
> the system being distant from the terminal.
> 
> It all comes down to who is at the console and what that means. Can you
> understand why I some people think it's crazy to call that an attack
> vector?
>

More information about the hal mailing list