DJ Delorie wrote:
Lennart Poettering <mzerqung@xxxxxxxxxxx> writes:
Again, as mentioned before: key here is that permitting user processes
to stick around after all sessions of the user ended needs to be a
privilieged concept. It should not be allowed for user code to stick
around after logout, unless this is explicitly permitted by the admin,
and this hence needs to be enforced by privileged code.
How many Fedora installs are multi-user these days? How many
single-user desktops are we afflicting with a "you must ask an admin"
rule, when there is no admin besides the user sitting at the keyboard?
Any rule that tries to split users into "unpriviledged" and "admin" is
short-sighted.
Agreed. And the basic premise is utterly wrong. The user was obviously
permitted to login to the machine, they are therefore permitted to run
processes on the machine. Whether their shell process stays alive or not is
utterly irrelevant, any other processes that continue to run after their login
shell terminates is still legitimately using the machine. To call running
without a control terminal "privileged" is inventing new definitions out of
thin air. There is no logical basis for it. The entire premise is invalid.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
