Dne 25.5.2012 12:13, Johannes Meixner napsal(a):
Hello,
On May 24 11:25 Andreas Jaeger wrote (excerpt):
Let's start a new thread to look a bit more at different roles.
I saw these two proposals:
Stefan Seyfried proposed a machine use case:
Having a few "presets" with the most common use cases, best accompanied with a short description is still a good idea IMHO. Maybe stuff like:
* "Admin configured server": you need the root password for all changes
-> basically like in good old times before polkit and friends: you'll need to "su -" and then use yast or whatever to change stuff.
* "User configured laptop": you are allowed to connect to WiFi networks, connect printers and install package updates with your user account. For adding software repositories and installing additional software, you'll need the root passowrd.
What exactly does it mean "you are allowed"?
Can the user do particular configuration changes without entering any password?
If yes, arbitrary persons who get even short time access to the machine can do particular configuration changes when it is running unattended (e.g. when the user forgot by accident to lock his screen).
I am not against such a setting, I only like to point out a security consequence.
* "third preset": I have no idea what a third preset could be
Proposal for a "third preset":
* "Single password protected machine" Same as the "Admin configured server" but the root password is the same as the user password. "The user" in this case is the normal user account that is set up during installation and this user is considered to be "the owner" of the machine.
Then configuration changes could still require THE password which is - from my point of view - sufficiently easy to use and sufficiently secure because:
- The owner of the machine can do any configuration changes, he only must provide THE password.
- The owner of the machine cannot do configuration changes by accident because he must provide THE password.
- Arbitrary persons who get access to the machine cannot do configuration changes (i.e. arbitrary persons cannot hijack the machine when it is running unattended).
Of course it is already easily possible to set the root password and the user password to the same value (so really no ingenious new things here) but perhaps it helps if even such a simple but a bit special kind of setup is offered under a ready-made "preset"?
I think that we need different settings for different users - even on the same machine. So, some kind of roles.
I fear implementing roles becomes a huge piece of work - i.e. too much for now (in particular too much with the limted manpower behind our many YaST modules to implement roles therein).
There's no need to implement roles for all YaST modules at once - while it is a good long-term goal, we should ask which the most common use-cases, where a non-priviliged user needs to do an admin task, are, and start there. Jiri
I wish to start with something really simple but to really start with implementing it right now and not discuss much longer about an ultimate final solution.
Kind Regards Johannes Meixner
-- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org