And like I said, being part of the system, its job is to
*FOLLOW* policies. The _only_ policy it has any business
defining is "default-secure". Just look at all the trouble
MSFT causes by choosing "default-unprotected"!!
...
Perhaps one missing piece here is the observation that security
policies should be controlled by a person, likely by whoever owns
the hardware. They're not part of the OS or the application.
Sure and they control that by configuring hotplug.
However, hotplug is more certainly part of the OS and as a result, is
what defines the the security policy.
Actually, it's the _configuration_ that controls the policy.
That may changed by the user, but most certainly not by the application.
It's commonplace for application installation to need to set
things up. That's a one-shot deal. Changing it after that
is another kind of sysadmin task. Maybe the "user" does both
things, or maybe the distro does the install ...
Right now, there is nothing in the standard hotplug userspace that makes
this easy for anyone. It encourages applications to do the hideous thing
and do whatever they think is best.
We should provide some sort of standard support where an application can
install a configuration of what devices it can support and the OS does
the rest.
This is the chance to set a standard.
Since the last hotplug release, the way to do this is:
- /etc/hotplug/usb/FOO.usermap ... what devices supported
- /etc/hotplug/usb/FOO ... what to do when they're connected
My concern is that there's no tool that the FOO scripts can use to:
* pop up a KDE/Gnome/... window on my desktop
* associate the device with my login session (permission etc)
Both of these should be quite doable, they just haven't been done.
If that's what you were getting at, we agree.
- Dave
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
[EMAIL PROTECTED]
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel
