Quote:
Originally Posted by scottjk
I haven't built a linux box for well over ten years, and haven't encountered Polkit or Consolekit. My usual go-tos like LinuxDocs haven't been updated for years, much to my disappointment. The XML files I spoke of were the policy files for Polkit, but the docs for Polkit that was installed only spoke of writing those policies by hand *shudder*, no mention of a UI or if there was a fork involved that eventually came up with a UI for those files. However, with that being said, the slackware docs weren't all that helpful, either, other than for basic system configuration in general, then point to said out of date HOWTOs.
|
There's a lot of programs out there that don't have UIs to change their components. But, in /etc/polkit-1/rules.d/, the files aren't in xml. I believe the xml config is actually from dbus, not polkit. But since polkit interacts with dbus, polkit does contain an xml config for dbus.
As for slackdocs, it is up to the community to update them. Considering I haven't needed to tweak dbus or polkit/consolekit, I haven't needed to look at slackdocs for them.
Quote:
Originally Posted by scottjk
Xorg is still a major mystery, frankly, and it took me awhile to figure out what was actually installed, and THOSE config files used to provide full explanations on possible settings and an example or two. Not so much, now, and they often reference defaults that I haven't been able to determine. I suppose much of those are established at compile time, and I have doubts that changes to the defaults were included in the slackware documentation.
|
There's not much in the way of Xorg config files nowadays. Xorg autodetects hardware and configures itself automatically. If you need to override the defaults, you can create your own conf files. There's many examples of this online, including a few on SlackDocs.
Quote:
Originally Posted by scottjk
Basically, my thought is this: If something creates a security risk, it's a bug, isn't it? So, fix the bug, rather than writing software that will contain even MORE bugs to deal with the first bug. Seems like a waste of energy to cover a hole with drapes when a little spackle is needed instead.
|
What do you consider a security risk? Some people prefer the risk for the benefits they provide. Initially, only root was able to mount thumbdrives, but polkit and dbus allows a user assigned to the plugdev group to mount thumbdrives, cameras, sdcards, etc. If you don't want your user to have that ability, you just make sure they aren't part of the plugdev group.
Security risks are required in the world, not even just the software industry. A door and window into a house are a security risk, they are much easier to break into than a wall, but the benefits they provide outweigh the risks. In the computer industry, ideally things would be extremely locked down, but that doesn't make for a very good user experience. Developers have to balance security with usability.
