Johann B. Gudmundsson wrote:
Andrew Farris wrote:
� wrote:
Is there really any need for the user to have root access to the
computer he's or
to contact his system administrator ( in case he has one to begin with )
to format the floppy he wants to save his OO document on ????
And when the user has not put his floppy disk properly in the floppy
drive
is faced with "Unable to mount media <clicks> detail -->
and gets mount: /dev/fd0 is not a valid block device
Instead of userfriendly msg like the cd/dvd rom outputs "There's
probably no media in drive"
which by the way is true in this case...
Mounting and creating filesystems is something that PolicyKit should
allow to be configured, see
System->Preferences->System->Authorizations. This is really a matter
of default polkit policy being written to make it happen (and/or to
prevent it). I think in some cases it would be valuable to prevent a
user from formatting any disks (think internet kiosk or security
sensitive data on a workstation).
We are talking about external HD,USB keys Floppy's..
the same policy should apply to them as CD's ( burning cd or bootable
cd's )
We are not letting users format internal HD without the necessary
privileges.
I was talking about external devices. Its your opinion they should be fully
open to format, its my opinion they should be permitted to be formatted by
default policy but be restrictable...
Regarding internet kiosks workstations etc... then it's just common sense
to those who administer/manage to disable boot from CD's USB Floppy,
Password
protect Grub and disable certain keyboard short cuts etc..
The issue is not only booting, but the ability to lockdown the system and its
behavior to only what is desired (be it browsing a library reference database or
ordering coffee).
Let the administrators do their job and lock down the system or make
adjustments to fit their "work environment" things should be focused on
the desktop/home user...
... the policy needs written. Things would work just fine for the desktop if
there were magically a perfect set of policy rules that permitted it to. Making
it unlocked entirely is a shorterm outlook (much like auto configuring
password-less sudo in other distros so things for the desktop user 'just work').
As I (the user) see it, policykit is an excellent route to take with setup for
what you want. The default desktop install could allow any user logged in to
format external disks without root access if there is policy there to escalate
their privileges for that task alone.
--
Andrew Farris <lordmorgul@xxxxxxxxx> www.lordmorgul.net
gpg 0xC99B1DF3 fingerprint CDEC 6FAD BA27 40DF 707E A2E0 F0F6 E622 C99B 1DF3
No one now has, and no one will ever again get, the big picture. - Daniel Geer
---- ----
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
