Networking and the firewall (Was Re: Isn't it time for the encrypted file system???)

David Zeuthen davidz at redhat.com
Thu Mar 30 16:54:54 UTC 2006


On Thu, 2006-03-30 at 11:09 -0500, Matthew Miller wrote:
> On Wed, Mar 29, 2006 at 08:10:40PM -0500, David Zeuthen wrote:
> > > Sounds good, although I wonder if it might be nicer to implement this in a
> > > way similar to that described here: <http://blog.fubar.dk/?p=66>.
> > Yea, that's what I was rambling about in my other mail. 
> 
> Are you interested in the run-as-user functionality for consolehelper I
> suggested in your blog comments? I'd hate to see yet another duplication of
> the how-to-let-regular-users-auth-for-higher-privs wheel. 
>
> It seems like consolehelper has pretty much everything that's required for
> that part of the process, except as it stands, it only can execute things as
> root rather than running programs as your suggested unprivileged "system
> user".

No, my view is that consolehelper is fundamentally flawed. Now that we
have something like D-BUS there is absolutely no reason, apart from
laziness, that you ever want to run X11 programs as root or another user.
Think for a minute about just how much code runs with root. Not to
mention desktop integration issues [1].

Yet, I note that even more programs in FC5 use consolehelper. I do
realize it's the best Fedora has got so far (and that this message comes
across as harsh, sorry) but that doesn't mean we shouldn't replace it
with something more secure along the way.

I think that we, as the Fedora project, should have a goal of completely
removing consolehelper from the distribution some day. It's a lot of
work but the first step is having a consensus that we can do better.
Actually I posted about what I think needs to be done in Fedora to do
this right here

 http://lists.freedesktop.org/archives/hal/2006-March/004797.html

though I didn't put in too much time thinking about it. Consider it at
least inspiration.

Btw, a lot of people (with or without an @redhat.com email address, not
that it matters) might not agree with me here. Make up your own mind
about this.

    David

[1] : Try running System->Administration->System Log Viewer; open a log
file and look at the file chooser. Not to mention gconf issues.




