Hi, On Wed, Mar 04, 2009 at 12:02:50AM +0100, Luca Capello wrote: > On Debian, we would like to start running applications as normal user: > briefly, in Joachim's words, "frameworkd D-Bus config should allow all > members of a given system group to use D-Bus calls, but not own the > D-Bus names" [1].
nice :) > Thus, we are faced with a decision: which system group should be set as > the default for frameworkd access? > On Debian, the system group should be picked up from the ones the > base-passwd package installs (Debian Policy §9.2.1 [2]): As far as I understand §9.2.1 you are not allowed to edit /etc/group, but you are allowed to create a new group via postinst and addgroup. In fact there are some packages doing this (e.g. kvm). > However, since frameworkd depends on D-Bus, the installation of the > latter creates another system group: messagebus > In the past, in what IIRC is the relevant thread, I fully supported the > choice for the dialout system group [3], because the primary function > for the FR is making phone calls. > However, given the fact that frameworkd ambition is bigger than simply > managing a mobile phone, I understand that the dialout system group can > be seen as reductive. That is why I'm asking here :-) In my opinion the framework should get its own group. All the other groups are meant only for parts of the framework (e.g. dialout), others are to powerful (e.g. root). If we have a group just for framework we won't conflict with any other meanings of system group entries. Another option would be to split the functionality, so that dialout group is allowed to use the dial functions, but nothing else, ... But IMHO this way is to much work for developers and users. -- Sebastian Reichel
signature.asc
Description: Digital signature
_______________________________________________ Smartphones-userland mailing list Smartphones-userland@linuxtogo.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/smartphones-userland
