On Sat, 2009-03-14 at 14:39 -0600, Michal Jaegermann wrote: > On Fri, Mar 13, 2009 at 05:50:58PM -0400, James Laska wrote: > > > > = DeviceKit = > > > > Ever notice how the graphical disk management functionality present > > during a Fedora installation is not available after you've installed > > your system? > > > > <Enter DeviceKit on stage left> > > AFAICS this is the next big security disaster in the making. > Something on par with this broken clock access via clock-applet or > maybe even worse. It is not apparent how to prevent totally screwed > defaults from taking over. > > The problem is that all partitions from the _fixed_ media become > available for scribbling, through a "Computer" browser, for anyone > with a login on a desktop. Some of these, apparently at random, are > even automounted (and spill a garbage with such descriptive names > like "260 MB Filesystem" all over a desktop). It looks like that > the only "security" model considered is "one user per machine and > preferably as root or at least with a root access". Somebody spent > much too much time on Windows and never heard words like a "backup", > "another installation", "limited access", etc. > > Expect the same "swift reaction", or rather a total lack of it, > as in a clock-applet case. -devel may be a better place to discuss this, I think. The security model for DeviceKit is 'use PolicyKit'. DeviceKit uses the policies set by PolicyKit to regulate access to storage devices. If you want a restrictive policy on such access, set it up in PolicyKit. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- fedora-test-list mailing list fedora-test-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-test-list
