[Pkg-utopia-maintainers] how to override polkit defaults?

Michael Biebl biebl at debian.org
Fri Mar 30 08:50:47 UTC 2018


Am 30.03.2018 um 04:36 schrieb Christoph Anton Mitterer:

> The reasons seems to be that udisks' default policy allows any "local"
> users pretty vast access (powering off, editing/deleting partitions,
> etc.) on devices it doesn't consider to be system devices.
> 
> No idea how it decides what a system disk is, but anything connected
> via USB doesn't seem to be.
> 
> This alone is IMO a grave security hole, but getting it fixed is
> probably fighting windmills, as there seem to be a clear direction
> towards the simple-desktop-system model, i.e. one user, computer anyway
> fully physically accessible to any user sitting in front of it.

Fwiw, I don't agree here. A computer should be usable by default.
We have a conservative, but usable default policy in Debian, imho.
If a computer is not usable, users will start to employ hacks and
workarounds, which would be worse.
For a specialized lab setup you are indeed encouraged to setup you own
policies and lock down stuff further.

Michael
-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20180330/0eacb19f/attachment.sig>


More information about the Pkg-utopia-maintainers mailing list