Mailinglist Archive: opensuse (818 mails)

< Previous Next >
Re: [opensuse] command line question
You could always use gtkpod, no jailbreaking needed to use your iPod
with it and it is very easy to use!

On 30 August 2011 20:35, Felix Miata <mrmazda@xxxxxxxxxxxxx> wrote:
On 2011/08/30 14:47 (GMT-0400) zGreenfelder composed:

throwing my hat in cuz I'm bored at work, I guess.

 Doesn't sound like you understand the gist of that thread. Running a
program
 as root is a common test and troubleshoot procedure. If an ordinary user
 can't do something but root can, the problem is usually one of
permissions.

right.  a common -troubleshooting- action.  if $user can not run
$program, try as root; perhaps permissions are wrong.
it is -not- a typical operation mode; root permissions should be
limited to those few places where really necessary..

Or where it doesn't matter and there's no reason to complicate operation for
no purpose served by the mere existence of more than one user.

 Conversely, in a new system a lot of time is saved by creating user(s)
only
 after knowing the system works suitably. Absent recompilation, VLC does
not
 permit these standard practices.

it is a -very- standard practice to either refuse to run as root or to

This is the only such case I've ever knowingly run into with an app that
requires X to function at all.

become another user in the background to drop root permissions, if
$program is doing actions that could have serious security
problems/negative impacts on a machine/doing actions that aren't from
completely trusted source.   that is actually the gist of the thread
you pointed to.

No one has as yet explained what security issues could possibly exist
playing a local source DVD, .ts, .mpeg, .mp3 or the like outside a Windows
desktop environment. The only thing an app to play those has any business
doing without explicit permission is accepting keyboard and mouse input,
reading bytes from media, and sending its interpretation of them and input
actions to a display screen and audio system. For such a purpose it should
not matter the nature of the user except to have permissions for the source
and output devices. No writing to storage is implicitly necessary. If a
player can write unfettered to storage it's broken no matter what
permissions its user has or not. It's my puter, not VLC's.

if 'a lot of time is saved' by not creating users, you're probably
trying to create users in a wrong way and the fact that you're so
eager to leave root user logged into a running system (albeit in a
semi secured, home environment) makes me think you don't really grasp
security implications and/or best practices for what you're doing.

Time is saved by not wasting time setting up users and /home (e.g. on a
separate partition and/or physical device) on a system as yet untested to
actually support the operations of its intended use. I rarely install on
anything except old hardware that needs testing to ensure it's capable of
its intended use before being (re)placed into service that may be entirely
unlike its original use.

I think that by requiring people to compile the code to run as root,
vlc (and opensuse in this particular case) is ensuring a minimum level
of technical competence for dealing with the potential problems/issues
that can arise from running a video decoding/viewing process as root.

To output media to a TV by a system used only for that purpose requires no
security. VLC does not require a non-admin user open it by the gazillion
more Windows than Linux users that use it, so it shouldn't be more imposing
on Linux. A warning rather than an outright prohibition is sufficient
imposition.
--
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx





--
Cheers

Leon
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
This Thread
Follow Ups