[Pkg-utopia-maintainers] Bug#525495: Please provide a minimal hal package
Harald Braumann
harry at unheit.net
Fri Apr 24 22:32:18 UTC 2009
Package: hal
Version: 0.5.11-8
Severity: wishlist
hal is now required for Xorg's input hotplugging. This is also the only thing
I use hal for. I would like to disable all the other functionality.
My main concerns are about security:
- hal might change device configurations when a new device is detected. I
don't need that and so it should not be done. That's what udev is for.
- On my system, there are 3 daemons spawned, that run as root! These are
hald-runner, hald-addon-input, hald-addon-cpufreq. I don't want
unnecessary root processes, as I don't trust them. I especially don't
trust hal daemons, because there doesn't seem to be any documentation
available, about what they do. There aren't even man pages.
- If I understand correctly, hal can provide access to devices for
ordinary users by means of methods and addons. The access is then
performed by a privileged process (I guess that's what those root
processes do). Access is probably protected by some hal internal
policies. Only with a true capability based system is there at least
a theoretical chance to make this secure. As Linux doesn't provide this,
I'd really rather not have this.
It is, however, not easily possible to disable this stuff because the hal
package ships with all the fdi files. The only solution I've found so far
is to remove /usr/share/hal/fdi/policy, which is not really practical and
reverted on a package update. Also disabling these things in /etc/hal/fdi
is not practical, because it requires intimate knowledge about hal and the
configuration would have to be revised on each update.
Would it be possible, to provide a minimal hal package that _only_ provides
information about hardware and hotplugging events? All the additional stuff
could be provided in an add-on package, which hal would recommend. I think,
this could be useful also for others who don't use the GNOME or KDE OS.
Cheers,
harry
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.27.8 (SMP w/1 CPU core)
Locale: LANG=POSIX, LC_CTYPE=de_AT.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages hal depends on:
ii adduser 3.110 add and remove users and groups
ii dbus 1.2.12-1 simple interprocess messaging syst
ii hal-info 20090309-1 Hardware Abstraction Layer - fdi f
ii libc6 2.9-4 GNU C Library: Shared libraries
ii libdbus-1-3 1.2.12-1 simple interprocess messaging syst
ii libdbus-glib-1-2 0.80-3 simple interprocess messaging syst
ii libexpat1 2.0.1-4 XML parsing C library - runtime li
ii libgcc1 1:4.3.3-3 GCC support library
ii libglib2.0-0 2.20.0-2 The GLib library of C routines
ii libhal-storage1 0.5.11-8 Hardware Abstraction Layer - share
ii libhal1 0.5.11-8 Hardware Abstraction Layer - share
ii libsmbios2 2.0.3.dfsg-1 Provide access to (SM)BIOS informa
ii libstdc++6 4.3.3-3 The GNU Standard C++ Library v3
ii libusb-0.1-4 2:0.1.12-13 userspace USB programming library
ii libvolume-id0 0.125-7 libvolume_id shared library
ii lsb-base 3.2-22 Linux Standard Base 3.2 init scrip
ii mount 2.13.1.1-1 Tools for mounting and manipulatin
ii pciutils 1:3.1.2-3 Linux PCI Utilities
ii pm-utils 1.2.4-2 utilities and scripts for power ma
ii udev 0.125-7 /dev/ and hotplug management daemo
ii usbutils 0.73-10 Linux USB utilities
Versions of packages hal recommends:
ii eject 2.1.5+deb1+cvs20081104-5 ejects CDs and operates CD-Changer
pn libsmbios-bin <none> (no description available)
Versions of packages hal suggests:
pn gnome-device-manager <none> (no description available)
-- no debconf information
More information about the Pkg-utopia-maintainers
mailing list