On Fri, Oct 11, 2002, David Brownell <[EMAIL PROTECTED]> wrote: > >>Yes. But at that point it's not a hotplug problem, hotplug is > >>just a tool used to solve the problem ... :) > > > > I disagree. The hotplug support in the kernel is the tool. The hotplug > > support in userspace (/sbin/hotplug) is exactly what should be solving > > this. > > The way it _helps_ solve the problem is by providing a hook > that applications -- gphoto, sane, etc -- can use to meet > their security policies.
Like I said before, gphoto, sane, etc, don't have security policies. That's the systems job, not the applications. /sbin/hotplug, being part of the system, should solve this. gphoto and sane have no business telling everyone how to manage privileges. > It's unreasonable to expect hotplug to ship with support for > every random USB-aware application. However it's fine if > installing those apps also installs specialized agents into > /etc/hotplug/usb, which know how to satisfy the application's > requirements ... at that point it's the app solving the > problem (chmodding a file, say) by using the hook. Absolutely wrong. The application really only needs to tell the system what devices it can handle. It's the sytems job to make sure that the application can then use the device. In this case, when I say system, that's however RedHat, etc setup hotplug to match their security policies. > Maybe you're defining terms differently than I am, but in > my book a script like /etc/hotplug/usb/gphoto is part of > that application, not part of the hotplug tools. Even if > it's run because of a hotplug event report. The configuration is part of the app, but the app has no business defining the security policies of the rest of the system. Security needs to be consistent and letting applications do it however way they want is a recipe for disaster. JE ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ [EMAIL PROTECTED] To unsubscribe, use the last form field at: https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
