[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: security vs. usability
From: Hans Meine <hans_meine () gmx ! net>
Date: 2001-02-06 17:33:23
[Download RAW message or body]
Bernhard Rosenkraenzer <bero@redhat.de> writes:
> > I think it is more wise to just abort() and hit the programmer in the face
> > that he should think of a better way on how to solve your problem instead
> > of allowing such extremely dangerous features.
>
> This works for programmers, but what about the admin who just wants to
> give his (trusted) users access to the CD writer?
- either chmod/chown the devices to a "cdburning" group in which you can
put some users
- or if the upper doesn't work:
* why have the mentioned "20 million loc" (KDE+X) run as root instead of just
cdrecord? I hear that does not work either? Then: WHY?
If there's another euid()!=uid() test then there must be a reason, no?
It should be fixed there, IMHO - no, really this is some stuff for service
providing daemons like the mentioned Caldera ones.
OK: I understand since all the latter nifty stuff does not exist yet, the current
procedure is a hassle, but kdelibs is not the reason IMHO. ;-)
--
Ciao, / /
/--/
/ / ANS .,* Hamburg, Germany *,.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic