On Mon, 2010-01-25 at 21:55 -0800, Adam Williamson wrote: > This seems quite tricky to formulate to me; I can certainly see all > sorts of legitimate scenarios for remote access to such devices which > you wouldn't want to do as root. I'm not sure if we can really include > this as-is. Certainly; for example, I'll probably be setting up a Linux box to use as a sound server for the house. I guess there are two distinct issues - whether or not remote users can access local hardware, and whether or not users can intercept data going to or from other users and their software or hardware services. To address the second issue directly, I might say something like the following as a general policy: >> Information in the system created by or intended for other users should not be accessible unless: * A user has been authenticated as a superuser * The system administrator has configured a resource to be shared * The other user has explicitly configured the resource to be shared or is explicitly communicating with the first user This requires that by default, software and hardware services such as displays, the desktop, sound, cameras, network ports, printers, scanners, filesystems, and input devices should not "leak" information to other unauthenticated local users. << Whether or not webcams, microphones, and other equipment that might be abused by remote users are "owned" by someone logged in from a local seat or some attempt is made at blocking remote users' access or at warning local users...those seem like questions which might be beyond the scope of this document? If that's the case, is there somewhere in particular to refer this to or which has already taken care of it? -B. -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
