[Pkg-utopia-maintainers] Bug#525495: Please provide a minimal hal package

Harald Braumann harry at unheit.net
Fri Apr 24 22:32:18 UTC 2009


Package: hal
Version: 0.5.11-8
Severity: wishlist

hal is now required for Xorg's input hotplugging. This is also the only thing
I use hal for. I would like to disable all the other functionality. 
My main concerns are about security:

- hal might change device configurations when a new device is detected. I
  don't need that and so it should not be done. That's what udev is for.
- On my system, there are 3 daemons spawned, that run as root! These are
  hald-runner, hald-addon-input, hald-addon-cpufreq. I don't want 
  unnecessary root processes, as I don't trust them. I especially don't
  trust hal daemons, because there doesn't seem to be any documentation
  available, about what they do. There aren't even man pages.
- If I understand correctly, hal can provide access to devices for 
  ordinary users by means of methods and addons. The access is then 
  performed by a privileged process (I guess that's what those root
  processes do). Access is probably protected by some hal internal
  policies. Only with a true capability based system is there at least
  a theoretical chance to make this secure. As Linux doesn't provide this,
  I'd really rather not have this.

It is, however, not easily possible to disable this stuff because the hal 
package ships with all the fdi files. The only solution I've found so far 
is to remove /usr/share/hal/fdi/policy, which is not really practical and
reverted on a package update. Also disabling these things in /etc/hal/fdi
is not practical, because it requires intimate knowledge about hal and the
configuration would have to be revised on each update.

Would it be possible, to provide a minimal hal package that _only_ provides
information about hardware and hotplugging events? All the additional stuff
could be provided in an add-on package, which hal would recommend. I think,
this could be useful also for others who don't use the GNOME or KDE OS.

Cheers,
harry

-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.27.8 (SMP w/1 CPU core)
Locale: LANG=POSIX, LC_CTYPE=de_AT.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages hal depends on:
ii  adduser                     3.110        add and remove users and groups
ii  dbus                        1.2.12-1     simple interprocess messaging syst
ii  hal-info                    20090309-1   Hardware Abstraction Layer - fdi f
ii  libc6                       2.9-4        GNU C Library: Shared libraries
ii  libdbus-1-3                 1.2.12-1     simple interprocess messaging syst
ii  libdbus-glib-1-2            0.80-3       simple interprocess messaging syst
ii  libexpat1                   2.0.1-4      XML parsing C library - runtime li
ii  libgcc1                     1:4.3.3-3    GCC support library
ii  libglib2.0-0                2.20.0-2     The GLib library of C routines
ii  libhal-storage1             0.5.11-8     Hardware Abstraction Layer - share
ii  libhal1                     0.5.11-8     Hardware Abstraction Layer - share
ii  libsmbios2                  2.0.3.dfsg-1 Provide access to (SM)BIOS informa
ii  libstdc++6                  4.3.3-3      The GNU Standard C++ Library v3
ii  libusb-0.1-4                2:0.1.12-13  userspace USB programming library
ii  libvolume-id0               0.125-7      libvolume_id shared library
ii  lsb-base                    3.2-22       Linux Standard Base 3.2 init scrip
ii  mount                       2.13.1.1-1   Tools for mounting and manipulatin
ii  pciutils                    1:3.1.2-3    Linux PCI Utilities
ii  pm-utils                    1.2.4-2      utilities and scripts for power ma
ii  udev                        0.125-7      /dev/ and hotplug management daemo
ii  usbutils                    0.73-10      Linux USB utilities

Versions of packages hal recommends:
ii  eject           2.1.5+deb1+cvs20081104-5 ejects CDs and operates CD-Changer
pn  libsmbios-bin   <none>                   (no description available)

Versions of packages hal suggests:
pn  gnome-device-manager          <none>     (no description available)

-- no debconf information





More information about the Pkg-utopia-maintainers mailing list