On 05/23/2012 08:29 AM, Andreas Jaeger wrote:
On Tuesday, May 22, 2012 19:52:33 Robert Schweikert wrote:
On 05/22/2012 08:48 AM, Andreas Jaeger wrote:
I just put the following on my blog as well (http://jaegerandi.blogspot.de)
and look forward to your help defining a better policy: [snip]
Call for action: Review and discuss http://en.opensuse.org/openSUSE:Security_use_cases using the following questions: * Are there any use cases missing?
IMHO the list appears pretty complete.
Maybe "Insert CD/DVD" for music/movie playing use case could be added to the page. But this is handled automatically by the DEs thus it may be mentioned for "completeness" or just be left off the list.
Go ahead and add it to the wiki, please.
Done
* Is there any thing missing in the specific use cases?
I think we could have a "severity" rating for the "system wide action" assessments. For example "adding a repo" has a high severity value, lets say 5 (scale 0 - 5) while "updating installed packages from trusted repo" would have a low severity rating, maybe 1. This might provide a guideline to help us decide whether we want the root password or not.
* How can we solve these use cases so that a system is easy to setup
for the most common usage scenarios?
I think we could have a "simple" YaST dialog that lets the sysadmin configure settings to her/his needs/liking. I could imagine something like the attached sketch should suffice.
This is flexible, easily expandable, and implementation shouldn't be too terribly time consuming. The underlying assumption is that all processes affected support policy kit. The result is that the dialog simply writes out policy kit rules.
Yes, something like that should work for the IMO 10% of esoteric use case.
The question remains: How to setup the system by default?
I am not certain we need to change the defaults (other than the really obvious network thingy ;) ). I think we need to provide the administrator of the system with an easy way to hand out permissions on a per system per user basis as she/he sees fit and feels comfortable with.
What questions should be asked?
None, that's the idea behind the point and click approach of the dialog. If we ask general questions such as "is this is single user laptop" and we shape our setting based on answers to these types of questions we will get it "wrong". People are not going to like our decisions and will moan/groan/complain. Having a dialog where we can simply add a new entry if we missed something should be relatively straight forward. It also provides admins the opportunity to set things up as they see fit in a rather obvious way, rather han having to figure out "what does openSUSE doe when I answer yes to question X". The new dialog could be shown at the end of the configuration process during the install, and can be accessed from YaST any time. Later, Robert -- Robert Schweikert MAY THE SOURCE BE WITH YOU SUSE-IBM Software Integration Center LINUX Tech Lead rjschwei@suse.com rschweik@ca.ibm.com 781-464-8147 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org