[Pkg-utopia-maintainers] how to override polkit defaults?
Michael Biebl
biebl at debian.org
Fri Mar 30 08:50:47 UTC 2018
Am 30.03.2018 um 04:36 schrieb Christoph Anton Mitterer:
> The reasons seems to be that udisks' default policy allows any "local"
> users pretty vast access (powering off, editing/deleting partitions,
> etc.) on devices it doesn't consider to be system devices.
>
> No idea how it decides what a system disk is, but anything connected
> via USB doesn't seem to be.
>
> This alone is IMO a grave security hole, but getting it fixed is
> probably fighting windmills, as there seem to be a clear direction
> towards the simple-desktop-system model, i.e. one user, computer anyway
> fully physically accessible to any user sitting in front of it.
Fwiw, I don't agree here. A computer should be usable by default.
We have a conservative, but usable default policy in Debian, imho.
If a computer is not usable, users will start to employ hacks and
workarounds, which would be worse.
For a specialized lab setup you are indeed encouraged to setup you own
policies and lock down stuff further.
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20180330/0eacb19f/attachment.sig>
More information about the Pkg-utopia-maintainers
mailing list