Re: Networking and the firewall (Was Re: Isn't it time for the encrypted file system???)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2006-03-30 at 12:44 -0500, Matthew Miller wrote:
> Well, having this would allow the existing consolehelper to take the place
> of the "polkit-su" tool you mention in
> <http://lists.freedesktop.org/archives/hal/2006-March/004770.html>. So
> instead of having a new thing, consolehelper could auth to access your
> 'polkit' user.
> 
> It seems better to me to make this rather small change to consolehelper
> rather than to make yet another tool from scratch. Maybe I'm missing
> something important, though -- that often happens. :)

Indeed, the whole idea of using polkit-su have been abandoned after
discussion on on the hal list when someone from SUN and SUSE proposed a
better approach. Isn't open development great?

However, it's all work in progress at the point and since it's rather
complex and deals with privilege escalation I've started writing a spec
how all this is supposed to work. I'm not done yet with the spec.. but
this is how far I've got

 http://webcvs.freedesktop.org/*checkout*/hal/PolicyKit/doc/spec/polkit-spec.html

and I hope at least the diagram explains what the point is. I do expect
this to be baked at some point rather soon as it's holding back hal and
gnome-mount releases :-) ... at least the difficult part of doing PAM
over D-BUS is done and I already got proof of concept work.. so.. it's
in a state of needing documentation of having a list of TODO's being
worked on. If anyone wants to help out (I'm doing this mostly in my
spare time as I'm tied up with other commitments at work) please join
the hal list and send mail.

Hope this helps.

    David



[Index of Archives]     [Fedora Users]     [Fedora Development]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux