Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

I don't like KDE!



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> My question are:
> What part of KDE does this?
> How do I disable it?
> Does GNOME work the same way?
> 
> My personal opinion, this technique of changing access at login
> stinks!

I know next to nothing about KDE, but I do know why these things are
changed: it avoids the necessity of having setuid programs to access
the devices, and as we all know, setuid programs are potential
security risks.

Most people who run X as their normal environment solve this problem
by running a display manager (such as xdm or gdm) and making the
presession script set the ownership of the various devices to the user
logging in.  This has the advantage of giving you a pleasant looking
login (well, at least in the case of gdm; the xdm login widget is
hideous) as well as setting ownership properly, while avoiding the use
of "trusted" setuid programs.

There are several ways around this if you want to be able to access
those devices in the same way when using a regular tty login.  The
simplest is to create a setuid script that sets the appropriate
ownerships when the person is logging in from the first virtual
terminal.  E.g.,

#!/bin/sh

if [ `/usr/bin/tty` == tty1 ]; then
        /bin/chown $USER /dev/dsp /dev/audio /dev/tty1 /dev/cdrom
fi

and make this run from /etc/profile or /etc/zlogin or whatever the
login script is for your shell.  Note that all the executables in the
above script are listed with complete paths: this is important for any 
setuid scripts.

Kyle


- -- 
Kyle R. Rose                      "They can try to bind our arms,
Laboratory for Computer Science    But they cannot chain our minds
MIT NE43-309, 617-253-5883             or hearts..."
http://web.mit.edu/krr/www/                           Stratovarius
krose at theory.lcs.mit.edu                              Forever Free
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3ii5f66jzSko6g9wRAtOaAJ9P1ViXr9Z5GB+lsnKWvhjSra/M9QCg5JwO
r+XeLwau4eLyt74KUyuPYyQ=
=MD22
-----END PGP SIGNATURE-----
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org