Re: new thing to make people turn crazy
François Patte wrote, On 03/17/2009 04:08 PM: Bonsoir, I plugged an usb drive on my computer and, instead of being mounted as usual, a popup window opened claiming that some application was trying to mount a device and... I had to enter the root password!!! What's this mess? The story is not finished: I discovered a config tool for this in System>Prefs>system>permission which run the polkit-gnome-authorization. *As a simple user*, not root, I found a line: "mount file systems from removable drive" for which the permission is set, by default, to: "No" for everybody. *as simple user* (again), I changed this permission to yes for everybody I am wondering what is the meaning of this: either it is something that everybody can do and no tool is needed, or it is important that only root can modify some system wide config and, in that case this tool is a nonsense. You might also enjoy following this thread: https://www.redhat.com/archives/fedora-test-list/2009-March/msg00934.html and these bugs: https://bugzilla.redhat.com/show_bug.cgi?id=489397 https://bugzilla.redhat.com/show_bug.cgi?id=450304 which discuss some interesting things about PolicyKit and DeviceKit. Hopefully the reason you could change the "mount file systems from removable drive" permissions was because you first entered the root password for the first popup, if however it was not then please open a bug describing that problem. it would be new but related to 450304. -- Todd Denniston Crane Division, Naval Surface Warfare Center (NSWC Crane) Harnessing the Power of Technology for the Warfighter -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
Re: new thing to make people turn crazy
On Tue, Mar 17, 2009 at 09:08:51PM +0100, François Patte wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Bonsoir, > > I plugged an usb drive on my computer and, instead of being mounted as > usual, a popup window opened claiming that some application was trying > to mount a device and... I had to enter the root password!!! > > What's this mess? I have no experience with that, but having said that... It's certainly a security mechanism to keep any joe blow from walking up to the unattended machine and sticking in a USB device that may be used for nefarious purposes. You should be able to change it to work like you want if that isn't a concern for you. > > The story is not finished: I discovered a config tool for this in > System>Prefs>system>permission which run the polkit-gnome-authorization. > > *As a simple user*, not root, I found a line: > > "mount file systems from removable drive" for which the permission is > set, by default, to: "No" for everybody. > > *as simple user* (again), I changed this permission to yes for everybody > > I am wondering what is the meaning of this: either it is something that > everybody can do and no tool is needed, or it is important that only > root can modify some system wide config and, in that case this tool is a > nonsense. > > Same thing as for the gnome keyring manager (see another post on this > list): I cannot disable it and everytime I want to ssh a remote host a > popup ask me for a password, I refuse to give a password (I was not > asked to define one) and I can ssh For what purpose are these stupid > tools? > > I tried to yum remove these things but it is impossible: so many > packages depend on them: scim!!! evince!!! totem!, eog, f-spot > > In f11, shall we be forced to set a password to log-in, another to use > emacs, another to use TeX, another to see the result of what we have > typed with emacs/tex... > > Is this security policy a heritage from Bush administration? > > - -- > François Patte -- Fred Smith -- fre...@fcshome.stoneham.ma.us Do you not know? Have you not heard? The LORD is the everlasting God, the Creator of the ends of the earth. He will not grow tired or weary, and his understanding no one can fathom. - Isaiah 40:28 (niv) - pgpECuONq5dmT.pgp Description: PGP signature -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
new thing to make people turn crazy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Bonsoir, I plugged an usb drive on my computer and, instead of being mounted as usual, a popup window opened claiming that some application was trying to mount a device and... I had to enter the root password!!! What's this mess? The story is not finished: I discovered a config tool for this in System>Prefs>system>permission which run the polkit-gnome-authorization. *As a simple user*, not root, I found a line: "mount file systems from removable drive" for which the permission is set, by default, to: "No" for everybody. *as simple user* (again), I changed this permission to yes for everybody I am wondering what is the meaning of this: either it is something that everybody can do and no tool is needed, or it is important that only root can modify some system wide config and, in that case this tool is a nonsense. Same thing as for the gnome keyring manager (see another post on this list): I cannot disable it and everytime I want to ssh a remote host a popup ask me for a password, I refuse to give a password (I was not asked to define one) and I can ssh For what purpose are these stupid tools? I tried to yum remove these things but it is impossible: so many packages depend on them: scim!!! evince!!! totem!, eog, f-spot In f11, shall we be forced to set a password to log-in, another to use emacs, another to use TeX, another to see the result of what we have typed with emacs/tex... Is this security policy a heritage from Bush administration? - -- François Patte UFR de mathématiques et informatique Université Paris Descartes 45, rue des Saints Pères F-75270 Paris Cedex 06 Tél. +33 (0)1 4286 2413 http://www.math-info.univ-paris5.fr/~patte -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAknAA1MACgkQdE6C2dhV2JUlsgCfT43EmsUt9LT75v8TFExCdRpd qCoAoIxhnSMb11NUGMsVArdxgM2nXo3t =fG0a -END PGP SIGNATURE- -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines