Re: gnome-user-share



On Fri, 2004-09-10 at 09:08 +0200, Alexander Larsson wrote:
> On Thu, 2004-09-09 at 22:46 +0200, Carlos Garnacho wrote:
> > Hi Alex,
> > 
> > On Thu, 2004-09-09 at 15:55 +0200, Alexander Larsson wrote:
> > > I just released the first tarball of gnome-user-share, as described in
> > > my blog at http://www.advogato.org/person/alex/diary.html?start=10.
> > > 
> > > Just install it, run the app and enable it in gconf
> > > at /desktop/gnome/file_sharing/enabled and the shares should appear in
> > > nautilus.
> > > 
> > > Of course, it needs a UI to enable/disable, some integration with gnome-
> > > session and maybe a UI to manage the .htaccess file, but it at least
> > > works.
> > 
> > Nice work, this is a really needed feature, in fact, I've been also
> > developing in the past days a solution to the sharing problem in the gst
> > (as described in my blog [1]), the current code is still in testing
> > process before I branch and commit it to HEAD, but seems to be working
> > quite fine for both SMB and NFS [2], my idea was to gather all the
> > sharing stuff in a simple app integrated with nautilus (a-la right click
> > & share)
> > 
> > It's true that g-s-t require root password to do anything, and hence
> > aren't accessible as easily as it's changing a gconf key, but this will
> > change a lot in the next version, as there will be gnome-keyring
> > integration.
> 
> Surely, you are not proposing to store the root password in gnome-
> keyring? You might as well have no root password. gnome-keyring is an
> API for requesting passwords for applications, so any app/virus/trojan
> could ask for the root password and then break into your system.
> Normally you get a dialog asking for permission first, but even that can
> be bypassed by a clever person, as the root password is in readable
> memory in one of your processes.

Holy crap! Then I'm glad that epiphany still doesn't use g-k, anyone
could access their bank account through internet and store the password
there, or simply access to their servers at work from home. My root
password isn't valuable at all besides losing my money, job, etc...
because of such weird use ;)

Thanks for pointing this out, though

> 
> > As an advantage I could say that there could be only httpd processes
> > which would belong to root user, and that changing preferences for a
> > directory would be a lot easier, since the gst backends have lots of
> > stuff for parsing/replacing config files
> 
> In the case of single-user desktop machines/laptops where gnome-user-
> share is mostly meant to be used (in a real network setup you have
> things like nfs homedirs anyway, so sharing files is easy) you wouldn't
> run a root httpd, so in fact you'd only run one httpd. Furthermore, the
> httpd is configured to use little memory, as its meant to run passively
> in the background.
> 
> And the fact that it is run as the user is on-purpose. Its safer, not
> having the ability to possibly gain root access. Its more right when
> reading/writing files to be running as the user uid, since that gets the
> right permissions of files created, and doesn't allow you to read/write
> to files your user can't.
> 
> Also, gnome-user-share doesn't ever parse config files, so that is not a
> problem. It just uses its own specially written config file and "-c
> <directive>" arguments to httpd to set user-specific things. This is
> much easier than having to parse stuff and is less prone to breaking.
> 
> > So I'd be really glad if we somehow merge this in a single app :)
> 
> I realize there is a need for a way for sysadmin style users to easily
> set up "global shares", but i'm personally not very interested in this.

hmmm, sharing things in windows networks is "sysadmin stuff"? In my
really humble opinion, we should provide some way to make gnome network
friendly under as many circumstances as possible, in any work I've been
before (and in any home with >2 computers with windows) there was a
windows networking, and I don't expect this to change anytime soon.

Anyway, seeing the lack of interest, I withdraw my proposal

	Carlos

> 
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>  Alexander Larsson                                            Red Hat, Inc 
>                    alexl redhat com    alla lysator liu se 
> He's a short-sighted moralistic vagrant who must take medication to keep him 
> sane. She's a plucky extravagent lawyer from a different time and place. They 
> fight crime! 
> 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]