Bug#458007: boincmgr: local preferences are not saved

Sun Dec 30 17:59:30 UTC 2007

Hi Sandro,

On Friday 28 December 2007 16:50, Sandro Tosi wrote:
> It would help for sure! Anyway, I'd like to elaborate some other
> solution to this, for example: since using boinc manager I can
> stop/start elaboration, attaching to/detach from project and so on
> with a normal user (nor boinc nor root) why can't I even change local
> preferences? Would be a such a real threat?

I just went through the old discussion that resulted in restricting the 
permissions of the conffiles again, to refresh my memory why it has been 
changed. The relevant parts can be found here:
http://bugs.debian.org/407678
http://lists.alioth.debian.org/pipermail/pkg-boinc-devel/2007-January/000525.html
http://lists.alioth.debian.org/pipermail/pkg-boinc-devel/2007-January/000526.html

The reasons for restricting the permissions of the gui_rpc_auth.cfg file are 
technically sound and IMHO undisputable. For the other files it was generally 
assumed that only root needed to modify them, because at the time as #407678 
was reported, the BOINC core client and the BOINC Manager didn't have the 
feature to modify preferences locally. This has changed since then resulting 
that the default permissions of the global_prefs_override.xml file only 
causes problems for users of the BOINC Manager (otherwise #441792 and #458007 
would not have been filed). I agree with you that it is unreasonable that one 
is currently able to shut down connected clients or to attach/detach projects 
using the BOINC Manager but unable to change local preferences with the BOINC 
Manager. I'm currently considering to change the permissions of the 
global_prefs_override.xml file from 0644 to 0664 so that the BOINC core 
client can write to this file.
The permissions for the cc_config.xml file will stay at 0644, because there is 
currently no need for the client to write to this file. If this will change 
and the BOINC Manager will get an interface for modifying cc_config.xml, its  
permissions will probably also be changed to 0664.

> I know that is root that install boinc software, but once done, every
> user can change boinc behaviour; so, adding a note in README.Debian
> would allow the admin to workaround the problem.

Since the boinc-client comes in the default configuration with no password in 
the gui_rpc_auth.cfg file (so everybody on localhost can connect to the 
client) it is more comfortable to have the global_prefs_override.xml file 
writeable by the boinc user. Setting a password or changing the permissions 
of conffiles is easier for system administrators than figuring out why local 
preferences are not saved for normal users. However, adding a note to 
boinc-client's README.Debian how to prevent users from changing local 
preferences is still a good idea.

> A similar issue is for graphics visualization (I would fill a
> separated report, but since we are discussince about authorizations):
> since boinc-client is running as 'boinc' and the X not (since it's
> started by the logged in user) no graphics is displayed by default;
> the used need to explicitly allow boinc to use its X session, and this
> could be a problem for non-experienced users. I'd like to adress this
> problem too.

This will be addressed in BOINC 6, there the graphics application will be 
executed as the user who started the BOINC Manager.

Grüße,
Frank
-- 
Die Garde stirbt, aber sie ergibt sich nicht!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-boinc-devel/attachments/20071230/091f30fe/attachment.pgp 