World writable speakup files in Linux next
Samuel Thibault
samuel.thibault at ens-lyon.org
Mon Dec 13 15:01:34 EST 2010
Frost, le Mon 13 Dec 2010 18:21:10 +0000, a écrit :
> On Mon, Dec 13, 2010 at 04:41:57PM +0100, Samuel Thibault wrote:
> > No, you can't, because the loggued-in person might be a
> > virus/worm/attacker/whatever which compromised the user's account.
>
> Then your security was breached already, and has nothing to do
> with speakup.
A userland breach is way less dangerous than a root or a kernel breach.
> Personally, I think it's far worse for security to let a
> user have access to any and every mail client on the system, in case
> they use it to spam the entire planet with it, and those are left wide
> open on purpose. <shrugs> You don't see me clamping down restrictions on
> those, just because someone *might* abuse them and lose me my internet
> connection.
My point is: when it happens, you don't want to loose physical control
of the machine.
> I don't want to go thru 20 different steps, just to kick up the volume
> a notch on my own friggin keyboard.
Who said so?
> I certainly don't want to have to go through 20 different steps every
> time I need to su to someone else to check if something is working
> properly for them.
Again, who said so?
As I said already, consolekit already handles that for audio.
Samuel
More information about the Speakup
mailing list