Re: New modules in 2.14

On Wed, Jan 18, 2006 at 10:58:07AM -0500, Ryan Lortie wrote:

> This is exactly the problem.  In order for g-p-m to do its stuff we have
> to add to HAL the ability for any user to say "suspend the system
> now" (since g-p-m needs to do this and it's just running as a normal
> user).  If any user can say "suspend now" then I can be logged in as a
> background user and play nasty tricks on the console user.  HAL
> currently has no mechanism for making a distinction between background
> users and the user that currently 'controls' the machine.

I don't think hal's the right layer to make that distinction. I'm 
working on implementing it at the dbus level.

This isn't something that's limited to power management, so hal is going 
to end up needing this functionality even if g-p-m turned into a system 
daemon. I'd argue that one well-audited mechanism for hal to execute 
privileged code is preferable to half a dozen small system daemons 
running as root and managing to duplicate each others bugs.

Matthew Garrett | mjg59 srcf ucam org

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]