On Wed, Feb 29, 2012 at 02:40:13PM -0500, Larry Stotler wrote:
> As many are aware, Linus Torvalds has started a rant about the security policies in openSUSE for things that require the root password. From his Google+ post (https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5), he names these:
>
> - Time Zone changes
> - Adding a Printer
> - Adding a wireless network.
>
> Now, I don't usually see the wireless issue because KNetworkmanager in KDE3 (which I use) has never asked the root password for adding a new network.
>
> While at 37, I've never changed timezones (I lead a boring life) I would have to agree that having to use the root password for this would be annoying if I needed to change it because of a flight or something.
>
> I've worked with Linus on a hardware issue years ago, and I think we should probably at least consider reviewing the policies if they do need changed.
Hi,

Let me address the points.

- timezone changes he complains about

  GNOME 3 uses just 1 root service for both timezone and actual UNIX time changes. If it were split, we could allow timezone for users and only allow unix time for root. (There are split DBUS services already, just GNOME 3 uses yet another new one.)

  => It is a GNOME issue really.

- adding a printer

  As it is already:

  * Adding a known USB printer: No popup, no query ... the printer will just start to work.
  * Adding a Network printer: depending on the computer's "networked printer browsing" setup, will just work without interaction.
  * Adding a new not yet known printer: Difficult. If you even need a PPD file to set it up, or an external driver, allowing this is the equivalent of giving out root access.

  => Setting up printers is a hard task, and root privilege escalation is usually easy when you are allowed to do it. (I would also like to see it done on Windows 7 without Admin Password.)

- NetworkManager

  12.1 shipped with 0.9 NetworkManager which was very fresh off the press. Before 0.9 all WLAN connections were "user" based connections and did not change the system. 0.9 now features "system" and "user" based connections. The default is "system" connections, it was not even possible to select the "user" option. A "system" connection is too deep and should only be configurable by root in our eyes. Sadly, the UI frontends did not offer the selection to select "user" profiles, so it was necessary. Ludwig did quite some work on making the default more sane and it works now at Linus' acceptance level I think.

  => NetworkManager and NM UI tools design issues make a secure and usable default hard.

For all of those, bugzilla entries exist. All of those need less help on the security side, but way more help on the implementation and design side in the User Interfaces, especially NetworkManager.
Ciao, Marcus