On Wed, 11 Oct 2006 14:12:20 +0200
Gernot Salzer <[EMAIL PROTECTED]> wrote:

> Don't mechanisms like libpam_devperm grant exclusive access?
> On login the ownership of the devices is set to the console user,
> and only the owner is granted rwx-rights. On logout
> ownership/permissions of the device revert to the old setting.

First, there is no safe way to revoke privileges from a user. If a user
gets access to a certain group, he/she can arrange ways to keep it, even
after being logged out (make a suid binary, for example). Second, several
people can log in at once on different VTs.

> > Since groups are only set when a user logs in it's not possible to e.g.,
> > add the user to the plugdev group when they plug in a USB stick. You'd
> > have to add them to plugdev when they log in.
>
> Couldn't a script triggered by udev set ownership/permissions to
> the current console user, like libpam_devperm does?

Why would you want to bring udev into the picture? If you think the scheme
used by pam_group (and similar) is secure enough for you, you can also
grant access to the plugdev, netdev and powerdev groups.

Note that access control is not hard-coded to plugdev in dbus; you can
edit the files in /etc/udev to have more relaxed access control. Oh, on
Debian you also need to change the permissions of p{u,}mount.

> How do end-user Linux distributions that are supposed to work out of the box
> (like ubuntu, fedora, suse) solve this problem? World-rwx for all
> user devices? All users added to groups like "audio", "video", ...?

Afaik, Fedora has pam_console or something like that, which does something
like you suggest: give privileges to all users that log in at the console.
Also, dbus has some support for this, but this isn't compiled into the
Debian version, because of the caveats I outlined above.

> Would it be possible to let all user devices (static or dynamic) be
> owned by group "console" with rwx rights, and add/remove the console
> user dynamically to/from this group on login/logout? This way
> it wouldn't matter whether e.g. the usb stick is plugged in before
> or after login.
> Wouldn't this solve the problem?

As I said, no, it would not solve the problem safely for true multi-user
environments.

FWIW, there has been some discussion and ideas floating around on the HAL
and DBus lists.
The current consensus is that we need a secure way for dbus/hal to know
what is the current active virtual terminal and who owns it. For
multi-head systems we need a way to specify that certain devices (think
USB ports) belong to a certain display. Nobody has had time to implement
it yet, however.

grts Tim
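
Added example, not part of the original message: an audit for the retention problem the reply describes, listing setgid executables that carry one of the device groups named above but are owned by an ordinary account. The scan roots, the function names and the choice of uid 0 as the only trusted owner are assumptions of this sketch.

```python
import grp
import os
import stat

# Group names taken from the message above; adjust to local policy.
DEVICE_GROUPS = ("plugdev", "netdev", "powerdev")


def gids_for(names):
    """Map group names to gids, skipping groups that do not exist here."""
    gids = set()
    for name in names:
        try:
            gids.add(grp.getgrnam(name).gr_gid)
        except KeyError:
            pass
    return gids


def find_retained_group_binaries(root, watched_gids, trusted_uids=frozenset({0})):
    """Return setgid executables under root that carry a watched group
    but are owned by an account outside trusted_uids."""
    hits = []
    for dirpath, _dirs, files in os.walk(root, followlinks=False):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                continue  # vanished or unreadable; skip it
            if not stat.S_ISREG(st.st_mode):
                continue
            setgid = st.st_mode & stat.S_ISGID
            executable = st.st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH)
            if setgid and executable and st.st_gid in watched_gids \
                    and st.st_uid not in trusted_uids:
                hits.append(path)
    return sorted(hits)


if __name__ == "__main__":
    # Scan roots are assumptions: places an ordinary user can write to.
    for scan_root in ("/home", "/tmp", "/var/tmp"):
        for hit in find_retained_group_binaries(scan_root, gids_for(DEVICE_GROUPS)):
            print(hit)
```

A hit means the group's privileges remain reachable through that file after the owning session has ended, whatever login/logout hooks did to the device nodes themselves.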