Re: External dependencies, DeviceKit-power and GNOME Power Manager

From: David Zeuthen <david fubar dk>
To: Josselin Mouette <joss debian org>
Cc: desktop-devel-list gnome org
Subject: Re: External dependencies, DeviceKit-power and GNOME Power Manager
Date: Tue, 25 Nov 2008 13:39:07 -0500

On Tue, 2008-11-25 at 19:29 +0100, Josselin Mouette wrote:
> Le mardi 25 novembre 2008 à 13:03 -0500, David Zeuthen a écrit :
> > You are of course very free to do whatever you want with your operating
> > system but a couple of points here
> > 
> >  - ConsoleKit has nothing to do with assigning device permissions; dunno
> >    know from where you got that idea. However, ConsoleKit as a mechanism
> >    is typically used to dynamically manage ACL's on device nodes.
> 
> I thought ConsoleKit was responsible for propagating the information
> about console seats that is used to set these permissions. 

ConsoleKit only maintains a database of seats and sessions and
associated information. Think about it as just an information provider;
a mechanism... that's all it is.

> Apparently
> this is wrong and pam_console is still responsible for it on Redhat, so
> please forgive the mistake.

This is off-topic but both HAL, pam_console and udev are used in Fedora
to manage mode, owner/group and ACL's. It's somewhat a mess right now
but that's another story.

(And it's Red Hat, not Redhat.)

> 
> >  - FWIW, mediating device access through group membership is
> >    considered broken by most people that care about security [1].
> >    AFAIK, Ubuntu is moving away from it too.
> 
> I am well aware that group membership is not a silver bullet. Still, I’d
> be glad if security people helped implement the missing pieces in the
> kernel rather than tell us every available solution we have is wrong :)

The kernel is definitely part of this and, FWIW, we (the ConsoleKit
developers) are working with the Linux kernel developers and security
people to get this right (initially the session id wasn't readable to
user space etc.).

Of course there are still things the kernel don't know about; for
example whether a session is currently active (now, whether the kernel
should know about that is a different question) and, in the future, what
devices are mapped to each seat (something the kernel probably shouldn't
care about).

Anyway, for GNOME, it's actually really useful to know if the session is
active; it means you can implement nice policy (according to user owned
preferences) in e.g. Rhythmbox to pause the music. Of course, it's also
use for dynamic ACL management; normally users should only have ACL's
for devices when their session is active.

FWIW, ConsoleKit, as an abstraction, makes it possible for GNOME to rely
on things like session activity without relying on bleeding Linux
versions on Linux at all (e.g. FreeBSD, Solaris, whatever).

     David

Follow-Ups:
- Re: External dependencies, DeviceKit-power and GNOME Power Manager
  - From: Josselin Mouette

References:
- External dependencies, DeviceKit-power and GNOME Power Manager
  - From: Richard Hughes
- Re: External dependencies, DeviceKit-power and GNOME Power Manager
  - From: Denis Washington
- Re: External dependencies, DeviceKit-power and GNOME Power Manager
  - From: Luis Medinas
- Re: External dependencies, DeviceKit-power and GNOME Power Manager
  - From: Richard Hughes
- Re: External dependencies, DeviceKit-power and GNOME Power Manager
  - From: Josselin Mouette
- Re: External dependencies, DeviceKit-power and GNOME Power Manager
  - From: David Zeuthen
- Re: External dependencies, DeviceKit-power and GNOME Power Manager
  - From: Josselin Mouette

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]