Hi Kay! Kay Sievers [2006-01-12 12:25 +0100]: > (You probably ask, cause Ubuntu has the weird idea of running HAL > unprivileged. It's not weird; letting the complete daemon run as root would make it the central point of attack and failure. We cannot support a distribution release for 3 or 5 with such a gaping potential source of vulnerabilities and problems. We had this discussion several times ([1] is the last one known to me), and it seems that neither side can convince the other, so I do not see a point of these snide statements. (Also, it's not only Ubuntu; Debian has it, too, and running it unprivileged is even the upstream default up to now.) FWIW, I would happily accept the privilege separation architecture that was planned long ago. Matthew Garret and I talked about this yesterday, and I hope that I can find some time to actually implement it. Thanks, Martin, (who still does not understand why everybody else seems to ignore dbus' wonderful way of separating privileges with dbus services and instead uses the old centralized daemon way.) [1] http://bugzilla.gnome.org/show_bug.cgi?id=324207 -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntu.com Debian Developer http://www.debian.org In a world without walls and fences, who needs Windows and Gates?
Attachment:
signature.asc
Description: Digital signature