Re: More desktop security thoughts (was Re: GNOME privilege library)
- From: Alan Cox <alan lxorguk ukuu org uk>
- To: Mike Hearn <mike navi cx>
- Cc: desktop-devel-list gnome org
- Subject: Re: More desktop security thoughts (was Re: GNOME privilege library)
- Date: Sun, 16 Jan 2005 00:59:07 +0000
On Sad, 2005-01-15 at 14:17, Mike Hearn wrote:
> - User installs RPM built for newer version of their distro, RPM tells
> them to upgrade glibc, they search around and find a glibc built for
> an entirely different distro, RPM installs it uncomplainingly and now
> their system won't boot. They just Had To Know that you can't do that.
This is why you don't treat rpm as a user tool. I think we all know that
is the case. The tools currently shipped graphically are up2date (and
extras folks have some yum wrappers and of course synaptic). Having
users figure out package dependancies is dumb. Hell having system
administrators sort out package dependancies is dumb too. The graphical
and packaging tools don't manage user specific installations at all.
There isn't a graphical tool to subscribe to other channels - thats a
lack in the desktop on pretty much all Linux distributions and
unfortuantely I suspect vendor control mentality is part of that one.
Its sad because its just a mime type and a web browser helper to click
and subscribe to yum/apt channels.
> - Fedora pushes a kernel upgrade which breaks the nVidia drivers,
> rendering any 3D game useless. As it only takes effect on reboot
> this one is especially annoying as you can do an update, go on holiday
> for a week and have totally forgotten about it when you get back.
Fedora is a free software product. I suspect many others would see that
the same way.
> Right now there's no way I'd give a Fedora/Ubuntu desktop to a non-
> technical home user without being closely supervised, for those reasons
> alone. Automatic updates that break things by design will just get
> switched off or ignored really quick.
I'd just skip giving Nvidia cards to such users 8)
> The sad thing about the nVidia driver is that the 'nv' source shipped
> with X.org is only open source by virtue of it coming in a form readable
> by a compiler. One X developer has called it a "binary driver in source
> form" it's so heavily obfuscated - it's certainly not easily understood
> or hackable by the community, so as far as I'm concerned there are no
> Free nvidia drivers at all.
I spent a long time analysing the 3D driver early obfuscating release
and deciphering it. I can draw 3D triangles quite happily on a Riva128
or a TNT and the 2D driver isn't very hard to understand. There rivatv
folks have some fairly good documentation on all of it but the DMA
channel and DMA context stuff. The 2D driver is ugly but its quite easy
to follow IMHO.
] [Thread Prev