Sharing devices "out of the box"
Rahul Sundaram
sundaram at fedoraproject.org
Thu Dec 28 06:01:37 UTC 2006
Dominik 'Rathann' Mierzejewski wrote:
> On Wednesday, 27 December 2006 at 20:14, Paul Michael Reilly wrote:
>> I've made my FC6 laptop available to family members (including grandma)
>> as a shared machine. I've taught them to log into their own session
>> using "switch user" so that they are on their own vt session. Works
>> nice until they want to share devices, like audio and the CD burner.
>> For FC6 I have to take pains to set up permissions appropriately but it
>> does occur to me to ask how Rawhide should deal with this. There seem
>> to be two schools of thought:
>>
>> 1) Sharing devices automagically is a no-brainer; it must be turned on
>> by default.
>>
>> 2) Sharing devices is a security weakness and no self respecting distro
>> would enable such a thing by default.
>>
>> It's all well and good when the PC is set up by a someone reading any of
>> the Redhat lists but should there come a day when Dell (or some such)
>> ships RHEL this issue and lots more like it will be on the table.
>>
>> It does occur to me that maybe the current user (the one who currently
>> owns X, the "selected" user for lack of a better description) should
>> dynamically own devices but this is not very satisfying: perhaps the
>> various users set their own special IM sounds in which case the distro
>> is setting policy rather than mechanism. So the issue does get
>> complicated quickly. Left to my own devices, I'd share the devices by
>> default and build in the ability to graphically configure device sharing
>> which smacks of a desktop (Gnome/KDE/Xfce/?) solution which might just
>> already exist and I haven't come across such a beast.
>
> You could put a question in anaconda (or firstboot) if you want to share
> devices with console users by default and configure accordingly (g+rw for
> devices and add local users to some special group?)
These sort of questions shouldnt be pushed to the user. Choose a good
default and make it easily configurable without relying on Anaconda.
Also see http://fedoraproject.org/wiki/Desktop/FastUserSwitching which
talks about device permissions.
Rahul
More information about the fedora-devel-list
mailing list