Heads up for login managers
Miloslav Trmac
mitr at redhat.com
Mon Feb 12 20:31:02 UTC 2007
David Zeuthen napsal(a):
> We can't use uid for this because you might be
> logged in multiple times and at different seats. For example; if you're
> inactive at seat A you should not be able to invoke Mount() on HAL on a
> storage device that is exclusive to seat A just because you're active on
> seat B.
That can be prevented by allowing the access to Mount(seat_A, *) only to
the UID active at seat A.
There is no need to prevent a process with UID $foo running in the
inactive session at seat A from accessing Mount(seat_B, *) while a
session with UID $foo is active at seat B, is there?
Mirek
More information about the Fedora-maintainers
mailing list