Re: [gdm-list] George & Martin - update about GDM

[Jiri Lebl <jirka 5z com>]

Brian Cameron wrote:
> Earlier this year William Jon McCann (he goes by Jon) started an effort
> to rewrite GDM to use D-Bus as its IPC mechanism and to use gobjects for
> better maintainability, reusability, etc.  The GNOME community is very
> interested in moving in this direction, mostly because everyone in
> GNOME loves D-Bus, I guess.  Jon's code is reaching a point where it
> is starting to be usable, and plans are to make the next unstable
> release of GDM (2.21) based on his code.

My opinion would be the following.  D-Bus is great, but if I were still doing
the work, I doubt I would use it for the internal communication.  Internal
chatter between slaves, master, greeters has no need to be "standard" in any
sort of way.  It needs to just be as simple as possible to avoid security
problems.

Plus I have grown to be supporter of the thesis that upgrades should not
break previously working configurations, and should not decrease the feature
set if this feature set is in wide use.  The user doesn't care about internal
organization of the code.  Rewriting a piece of code using the current "in
vogue" model is generally pointless in my opinion and usually just pisses of
the users.  The new version might have all the new buzzwords in it's design,
but doesn't do half the stuff they are used to.  Think of people running
large labs who have custom gdm configurations.  They really won't be too
happy about having to change config and retest all their config and possibly
run older versions of gdm if the new setup doesn't work, just because the new
version was rewritten and only half the old feature set is working.

Finally there is the question of security.  Rewriting large parts of the core
should require a security audit!  Security issues tend to be subtle and
obscure, and tend to be harder to find in more complicaled code (i.e.
dbus/gobject/etc...)  I did not on purpose change the design to GObjects when
I took over gdm.  Martin's design was essentially sound, so I stuck with it.
 If you rewrite large parts of the core, be prepared for several new security
issues to pop up soon.  (plus you really should have someone do a thorough
security audit on new code)  Remember this code runs as "root" and can do
VERY evil things.  Undiscovered security holes are just as bad as discovered
ones.

That's just my opinion.

> If you have the time and interest, it would be useful to get thoughts
> about this rewrite from you past maintainers.  It would be useful to
> hear your thoughts on how you think these changes will impact security,
> any gotchas that you can foresee, etc.

One gotcha that I can think of from the top of my head, is more trouble with
signals in the new setup.  Note that the slave is synchroneous and must
communicate with signals.  Unless you fix this synchroneity (which is very
subtle, you must catch ALL instances where the process could possibly hang
and split of a new process or thread) more complicated code is more likely to
get into subtle race conditions with signals.

Do worry about race conditions coming up.

> For the time being, plans are to drop support for gdmgreeter and
> possibly gdmsetup, though I would imagine they will be added back
> if someone has enough interest and love to port them to the new
> frameworks.  There is one fellow named Lukasz, who has suggested he
> might port gdmsetup, but I'm not sure how serious he is yet.

Since most distros/users use gdmgreeter shouldn't lack of gdmgreeter be
considered a big regression?

As for gdm setup, you mean there won't even be a way to support a gui
configuration?  That does sound like a BIG regression for gnome.

> George, another thing I wanted to mention to you is that William
> believes that he was rewritten (almost) all the code that existed
> before I became maintainer.  There are a few small bits of older
> code still lying around.  William and other involved people have
> expressed they want to drop the Queen of England as maintainer and
> copyright owner.  George, I believe it was you who added the Queen as
> maintainer and copyright holder.  Is that right?

If he wants to actually and truly rewrite all the code just because the
copyright holder is queen of england, I would have him (and others who hold
this opinion) to check with a psychiatrist.  Queen of England was given the
maintainership precisely to piss off ego centric people who want to put their
name up on a pedestal.  It was also to piss off anyone who was unreasonably
serious.

Anyway, the copyright cannot be legally held by queen of england anyway, and
is held by me if you really want to purge her name from there.  Since I don't
work on gdm anymore I don't care what you guys do with her.  Although I don't
see any harm in having Queen of England in the list of copyright holders
instead of me.  But feel free to purge her name, and really don't rewrite
things for such a stupid reason.

> If so, I wanted to ask your thoughts about this.  Would you be
> willing to drop the Queen as maintainer and copyright holder of
> the older bits of code that you worked on?  If so, this would
> allow the project to keep the older code and avoid current plans
> to rewrite it.  Whatever your thoughts on the matter, it might be
> useful if you could send an email to gdm-list gnome org and let
> people know what you think about this.  It might also be useful
> if you were to look over the new code and verify whether you
> agree that the older code owned by the Queen has been removed
> as William believes.

I would actually doubt that all this code (that I did from the time I took
over until you did) has been rewritten.  But I don't care, feel free to
remove the queen if there is a sufficient contingent of real coders lacking
the sense of humor.

George

-- 
George <jirka 5z com>
   This book fills a much-needed gap.
                       -- Moses Hadas (1900 - 1966)