On Mon, 2007-12-10 at 07:08 +0000, Kevin Kofler wrote: > Matthias Clasen <mclasen <at> redhat.com> writes: > > What do you mean by that ? Blindly allowing every privileged operation > > for everybody ? Or denying it for everybody ? > > In cases like this (real-time priority for sound servers), this used to be > exactly how things worked (or at least were designed to work upstream, > distributions did not always allow everything SUID that wanted it) in the good > old days, sound servers were installed SUID root and just always took real-time > priority. Now PA is SUID root, but asks PolicyKit whether it can actually use > this privilege. So compared with how things used to work, this is seen as an > additional restriction, not an additional permission. > For PA, bringing up the dialog and asking for a password is just a grave UI bug. We should never ask for something like that. Either PA is save enough to run as root, then the default should be to allow it in active sessions. If PA doesn't get a straight "yes" back from polkit, it should not bring up a dialog, but just run without realtime. > Now PolicyKit may also be used to hand out additional permissions, and > there it would be entirely stupid to default to always granting them, > obviously. Exactly. That is the point I was trying to make. This needs to be a case-by-case decision. But it is entirely possible to set up a policy that always says "yes" or "no", and never brings up stupid dialogs. Matthias -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
