ramblings about privileges
Artem Kachitchkine
Artem.Kachitchkin at Sun.COM
Sun Jan 22 17:51:55 PST 2006
> http://freedesktop.org/~david/libhal-policy.h
Yes, that's simple and flexible.
Thinking about this further though, I don't seem to be convinced of the
value of per-device granularity. In practice, it is very hard to
identify a piece of media uniquely *and* reliably. Identifiers (such as
UUID) are easily forgable, and often misused (i.e. used for purposes
they were not designed for). It might give people a false sense of security.
Distinction between fixed and removable makes sense.
For each of these, have a whitelist and a blacklist.
Distros or sysadmins can make white/blacklisting scalable across
enterprise through unix groups e.g.:
fixedmount::12345:davidz,dilbert
removablenomount::12346:alice,sally
/etc/hal/policy.d/storage.conf needs to be set for these groups only
once. With this setup, while/black lists are pushed through NIS or LDAP
or whatever - no need to push /etc/hal/policy.d/storage.conf file to
every user machine.
-Artem.
More information about the hal
mailing list