Martin Pitt wrote: > Hi Kay! > > Kay Sievers [2006-01-12 12:25 +0100]: >> (You probably ask, cause Ubuntu has the weird idea of running HAL >> unprivileged. > > It's not weird; letting the complete daemon run as root would make it > the central point of attack and failure. We cannot support a > distribution release for 3 or 5 with such a gaping potential source of > vulnerabilities and problems. > > We had this discussion several times ([1] is the last one known to > me), and it seems that neither side can convince the other, so I do > not see a point of these snide statements. > > (Also, it's not only Ubuntu; Debian has it, too, and running it > unprivileged is even the upstream default up to now.) > > FWIW, I would happily accept the privilege separation architecture > that was planned long ago. Matthew Garret and I talked about this > yesterday, and I hope that I can find some time to actually implement > it. > > Thanks, > > Martin, > (who still does not understand why everybody else seems to ignore > dbus' wonderful way of separating privileges with dbus services and > instead uses the old centralized daemon way.) > > [1] http://bugzilla.gnome.org/show_bug.cgi?id=324207 > > > ------------------------------------------------------------------------ > > _______________________________________________ > utopia-list mailing list > utopia-list gnome org > http://mail.gnome.org/mailman/listinfo/utopia-list As the Gentoo maintainer for HAL, pmount, dbus, g-v-m, g-p-m, and the rest of the mess of applications. I'm going to have to agree with Martin here. Gentoo has not run HAL as a privileged user since the 0.4.x releases. And nor will I make the change to a privileged user for the reasons Martin listed. -- Doug Goldstein <cardoe gentoo org> http://dev.gentoo.org/~cardoe/
Attachment:
signature.asc
Description: OpenPGP digital signature