[opensuse] Re: Should openSUSE review it's Security Policies?
Rasmus Plewe wrote:
On Tue, Mar 06, 2012 at 08:35:07AM +0100, Per Jessen wrote:
Frans de Boer wrote:
[big snip]
Where are the people who care about normal end-users who use the computer as a tool only.
Look at this discussion, that shouldn't have been a discussion to begin with. "A desktop user should be able to do desktoply things." He can touch the hardware, so, from a technical point of view, what kind of security is there, anyway?
???? But that wasn't the discussion, at least not its start. Linus does *not* want to give his daughter full root access. But he wants her to be able to do things that the default 12.1 policy prohibits. As Marcus wrote, this is actually often not even a policy problem, but the user interfaces didn't change fast enough to support newer low-level service facilities, e.g., system vs. user connections in NetworkManager. He didn't address the issue if those newer facilities should have been used as default, though. IMHO, the issue is more how new facilities are introduced in openSUSE. If a new facility breaks some other software or introduces a regression, are the other software's maintainers responsible to care for it, or is it the person/group that introduces the change. When somebody introduces system network connections and makes them default, he has to take care and coordinate changes in GUIs to make them usable again. Btw, We had plenty arguments for both sides when systemd was introduced. This ain't a new discussion. For the record, I like the Linux kernel approach: If your new code breaks something, you have to fix it, not some other guy. Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod Email: jschrod@acm.org Roedermark, Germany -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Tue, Mar 06, 2012 at 07:19:50PM +0100, Joachim Schrod wrote:
Rasmus Plewe wrote:
Look at this discussion, that shouldn't have been a discussion to begin with. "A desktop user should be able to do desktoply things." He can touch the hardware, so, from a technical point of view, what kind of security is there, anyway?
????
But that wasn't the discussion, at least not its start.
Not sure what you refer to. That a desktop user should be able to do desktoply things _was_ the start of the discussion. If someone has physical access to a machine, it's rather hard to lock him out of the system.
As Marcus wrote, this is actually often not even a policy problem, but the user interfaces didn't change fast enough to support newer low-level service facilities,
I was never attacking Marcus. But, as nicely as you described the problem and how everyone blames someone else, do you really think the desktop user cares as long as the problem exists? So, the focus should be how to enable a status that the user rightly expects, rather than to argue why it is as broken as it appears to him. Rasmus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (2)
-
Joachim Schrod -
Rasmus Plewe