ramblings about privileges
David Zeuthen
david at fubar.dk
Sun Jan 22 10:25:54 PST 2006
On Sat, 2006-01-21 at 20:15 -0800, Artem Kachitchkine wrote:
> So we define a set of policy attributes (not too fine- and not too
> coarse-grained, as you said) and a set of access functions, like
> hal_get_policy() and hal_set_policy().
Right, something like this
http://freedesktop.org/~david/libhal-policy.h
So.. in HAL we'd just ship libhal-policy as a library and provide simple
command-line front-ends to this in our scripts. The aforementioned
dialogs uses this too. We can always just change the library to query
gconf, SMF, LDAP, whatever, and vendors just ship what they feel like.
Intially we'd use a text based back-end though.
Hmm.. all this feels a little bit like reinventing the wheel, but whee,
eh, we need something like this. Perhaps other projects can benefit from
this at some point (things like printer queues and cups comes to mind)
but, eh, I'm not holding my breath.
> I think that takes care of requirements d and e. The interesting part,
> of course, is finding a balanced set of policy attributes.
Indeed.
David
More information about the hal
mailing list