[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [E-devel] Suspend functionality for Entrance



On 8/24/06, The Rasterman Carsten Haitzler <raster@rasterman.com> wrote:

simply parse that 1 liner - look for the (...something...) and if that starts
with localhost, :, 127.0.0.1, then we know the user is logged in locally or
from locally and we can approve the action.

now - back to if it should be in ecore - no, as entrance doesn't need this
convoluted check system - just exec a command. only e needs it.

I don't think this is a good way to determine access to privileged
commands, even a subset. Just a couple examples of why this is bad:

1. Thin clients - A user connected on a thin client system can look
like a local user, depending on the thin client technology used (VNC
with a local X server, SunRay's, etc).

2. Public access terminal - A system for public access such as in a
lab or cafe. For instance, a local bagel shop in my area has  a
stripped down debian box with mozilla and a terrible minimalistic
window manager available to customers.

While you could argue that both of these circumstances should require
the administrator to customize the E install, I think that is putting
too much faith in how much they will review the installed files.

This may be solved better through the use of PAM hooks. FC5 has
/etc/pam.d/halt that limits shutdown to root or console users. I don't
see anything similar in debian unstable atm, but I may have missed it.