-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday 27 March 2004 06:05 pm, Robert Marcano wrote: > On Sat, 2004-03-27 at 18:34, Gary L Greene Jr wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > > > This is a proposal for a standard to accommodate the accessibility of the > > filesystem by end-users. We request discussion on this as a new standard. > > The URL to get to the document is: > > > > http://www.csis.gvsu.edu/~abreschm/uafhs/ > > I am sure that the filesystem can be arranged in order to make it more > easy to use to the desktop user, Your ideas of a shared directory is > nice, but letting the user "Easily install software without escalating > their privileges" is something that I don't like. The only way that I > like a shared directory is if it is mounted from a filesystem with the > "noexec" flag. > > I think that the software installation can be made easy with the help of > a better "Add/Remove Programs", and the security aspect could be > enhanced with the help of a SELinux policy for this program(s) (I am not > an expert in SELinux, so I could be wrong) The problem with adding software installation only through the root directories is that you still need to have root privileges to install a program. This proposal is to allow people to install programs, but not as root. This adds no new abilities. None. It just makes it easier. Already, people can install any program in their home directory, it is just a lot of hassle. This is just a way to organize it. The purpose is for home installation. Here is a sample setup: I have a computer used by four people. I own it and want to run it. I want to allow the other people to install programs without asking me. This lets them do installations without needing to be root. This doesn't pose a security issue because the programs installed thus do not have higher privileges than those of the user that installed them. This will in fact improve security on many home installations because users will not need to be constantly entering their root password and will be less likely to just turn the root password off. Also, note that this is not intended for server installs, as is stated in the proposal. Thank you for the feedback. > > I am a member of the Ark Linux team, who is interested in seeing the > > Linux desktop become a viable option. I apologize for the cross-posting. > > > > - -- > > Gary L. Greene, Jr. > > -- > Robert Marcano - -- Gary L. Greene, Jr. Sent from uriel.gvsu.edu 6:25pm up 5:40, 5 users, load average: 0.71, 0.42, 0.29 ============================================================ Volunteer developer for the Ark Linux Project check out http://www.arklinux.org/ for more info. Also http://www.csis.gvsu.edu/~greeneg/ PHONE : (616) 331-0849 EMAIL : greeneg@xxxxxxxxxxxx ============================================================ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFAayBvrTQE7CqFxs8RAqQNAJ9zrz3coew32N+jP2gMsFMR2G8PtwCggtPM reoC6fuUAgfI0FXG/nNFFyw= =AJyS -----END PGP SIGNATURE-----
