[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Access to cd device denied for cdp

On Thu, 29 Apr 2004, Lamont R. Peterson wrote:

> On Wed, 2004-04-28 at 16:42, Thomas Molina wrote:
> > Please do not use that abomination called kudzu to determine policy.  
> > 
> > First off, userland tools have no place in determining policy in my 
> > opinion, especially not in the case of removable media.
> > 
> > Secondly, I despise kudzu.  It is an abomination which get removed 
> > forthwith from any system I maintain.
> Oh, come on now, Thomas, please, don't hold back; tell us how you really
> feel :-).
> Seriously, though, I am curious to know what is wrong, here.  Aside from
> the fact that kudzu is for hardware detection and SELinux is not
> hardware, why is kudzu (in your opinion) is so "evil"?

All hyperbole aside, it is a userland tool which has the potential to 
affect policy with unintended consequences.  I have seen it mess up 
hardware detection enough that I don't don't trust it.  

While there is a need for a hardware detection tool for setting up a 
system, I don't believe it is something which needs to be run as a 
background daemon as RedHat has it set up.  We have hotplug and friends 
for USB and those parts of the system designed to have components 
dynamically added and removed.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]