Thomas Leavitt wrote: > I also noticed that "/etc/shells" has a long list of shells. It seems > just slightly strange to me that, on a device this resource constrained, > they'd "waste" even that many "bytes" by not truncating this file... > makes me wonder what other potential "optimizations" haven't been done. The savings in this case would be at most 0.0001% of the flash memory use and RAM footprint. When maemo developers have time to work on optimizations like this, we'll be doing great... > I also wonder how the synaptic install package managed to add a line > referencing itself to /etc/sudoers... if the app installer permits > modifications of this sort to be made to /etc/sudoers, doesn't that > suggest someone could simply write an app that added the line below, or > write a malicious app that gave itself root privileges? The app installer runs as root just like every other package manager on any linux distro. When you install a package, the post- and pre-install scripts naturally run as root. So yes, what you suggest is possible, and this is not at all maemo-specific. See SELinux or AppArmor for solutions. Incidentally, this can be seen as a selling point for centralized repositories: The repo administrator has at least a theoretical possibility of checking the install scripts... > What's the default password for "user"? Will changing it affect > anything, since obviously the system auto-starts? Password is not set by default, IIRC. The GUI will still autologin after you've set the password. Sshing in becomes possible with the passwd. I typically unset the root passwd after I've setup passwd and sudo-rights for "user" just to be sure. HTH, Jussi
