> Hi Steve, thanks for the thoughtful response.
>
> PAM's technical implementation allows a number of modules to be tried in
> order for authentication. Your API, as a PAM authentication module, is
> limited to four operations: ask the user a non-secret question (with a
> textual response), ask th
On 27/02/2014 18:01, Jasper St. Pierre wrote:
On Wed, Feb 26, 2014 at 10:02 PM, Sebastian Wick
mailto:sebast...@sebastianwick.net>> wrote:
Hey Jasper,
maybe I didn't understand what you're saying but why can't you use
the application authorization mechanism you're talking about in
Hi Steve, thanks for the thoughtful response.
On Thu, Feb 27, 2014 at 3:27 PM, Dodier-Lazaro, Steve <
s.dodier-lazaro...@ucl.ac.uk> wrote:
> Hello Jasper,
>
> A quick reply on some of your emails (grouped to avoid spamming the ML).
>
> > My experience with PAM and similar "pluggable security mod
Hello Jasper,
A quick reply on some of your emails (grouped to avoid spamming the ML).
> My experience with PAM and similar "pluggable security modules" is that
> they provide a subpar user experience, are hard to integrate properly into
> the system, and have large pain points that stem from ha
On Wed, Feb 26, 2014 at 10:02 PM, Sebastian Wick <
sebast...@sebastianwick.net> wrote:
> Hey Jasper,
>
> maybe I didn't understand what you're saying but why can't you use the
> application authorization mechanism you're talking about in a "WSM"?
> Wouldn't it make sense to make it independent of
Hey Jasper,
maybe I didn't understand what you're saying but why can't you use the
application authorization mechanism you're talking about in a "WSM"?
Wouldn't it make sense to make it independent of the compositor?
Am 2014-02-26 23:05, schrieb Jasper St. Pierre:
Hi Martin,
My experience w
Hi Martin,
My experience with PAM and similar "pluggable security modules" is that
they provide a subpar user experience, are hard to integrate properly into
the system, and have large pain points that stem from having such
flexibility.
My compositor, mutter, will probably never call out to your
Le 19/02/2014 17:11, Martin Peres a écrit :
Wayland Security Modules
As seen earlier, granting access to a restricted interface or not
depends on the context of the client (how it was launched, previous
actions). The expected behaviour should be defined by a security policy.
As no conse
Em qui 20 fev 2014, às 14:34:39, Bill Spitzak escreveu:
> This makes it impossible for a privileged client to distribute it's
> privledges to more than one subprocess, or to both itself and a subprocess.
I think it's fine. That's hardly a common scenario.
To allow distribution of security setting
This makes it impossible for a privileged client to distribute it's
privledges to more than one subprocess, or to both itself and a subprocess.
That is why I would prefer an "id" approach, which I still think would
be a good way for parent processes to send objects to children, even if
it is n
On Thu, Feb 20, 2014 at 2:41 PM, Thiago Macieira wrote:
> Em qui 20 fev 2014, às 21:31:59, Martin Peres escreveu:
> > > Now, the privileged process wants to launch a sub-process. How will the
> > > sub- process connect to the compositor? Remember: WAYLAND_SOCKET
> contains
> > > a file descriptor
Em qui 20 fev 2014, às 21:31:59, Martin Peres escreveu:
> > Now, the privileged process wants to launch a sub-process. How will the
> > sub- process connect to the compositor? Remember: WAYLAND_SOCKET contains
> > a file descriptor number that isn't available to the child process.
>
> Ah, I see. Y
Le 20/02/2014 21:26, Thiago Macieira a écrit :
Em qui 20 fev 2014, às 19:56:08, Martin Peres escreveu:
Le 20/02/2014 18:42, Thiago Macieira a écrit :
Unless you meant that the WAYLAND_SOCKET variable can contain a file
descriptor number. Is that the case? In that case, how should the
privileged
Em qui 20 fev 2014, às 19:56:08, Martin Peres escreveu:
> Le 20/02/2014 18:42, Thiago Macieira a écrit :
> > Unless you meant that the WAYLAND_SOCKET variable can contain a file
> > descriptor number. Is that the case? In that case, how should the
> > privileged process clear the environment to all
Le 20/02/2014 20:43, Sebastian Wick a écrit :
Am 2014-02-20 20:02, schrieb Martin Peres:
Le 20/02/2014 13:04, Pekka Paalanen a écrit :
snip
It can be done, but with a little more effort than implied here.
Binding to an interace means wl_registry.bind request, and failing that
is always a fatal
Am 2014-02-20 20:02, schrieb Martin Peres:
Le 20/02/2014 13:04, Pekka Paalanen a écrit :
snip
It can be done, but with a little more effort than implied here.
Binding to an interace means wl_registry.bind request, and failing
that
is always a fatal error, which terminates the client connectio
Le 20/02/2014 13:04, Pekka Paalanen a écrit :
On Wed, 19 Feb 2014 17:11:03 +0100
Martin Peres wrote:
Hi Guys,
Following to the giant and impossible to read "Authorized clients"
thread, I said I would take the time and write everything we talked
about down, for convenience and to check I took
Le 20/02/2014 18:42, Thiago Macieira a écrit :
Unless you meant that the WAYLAND_SOCKET variable can contain a file descriptor
number. Is that the case? In that case, how should the privileged process
clear the environment to allow child processes to be launched?
Yes, it takes an FD as a paramete
Em qui 20 fev 2014, às 14:04:42, Pekka Paalanen escreveu:
> FWIW, Weston already does track its children by pid also, so that it
> can respawn them as needed if they e.g. crash.
Some compositors may take advantage of an external process launcher &
babysitter, like systemd --user.
> > A simpler a
On Wed, 19 Feb 2014 17:11:03 +0100
Martin Peres wrote:
> Hi Guys,
>
> Following to the giant and impossible to read "Authorized clients"
> thread, I said I would take the time and write everything we talked
> about down, for convenience and to check I took everyone's idea and
> needs into acc
Hi Guys,
Following to the giant and impossible to read "Authorized clients"
thread, I said I would take the time and write everything we talked
about down, for convenience and to check I took everyone's idea and
needs into account.
I published the whole article on my blog [1] but I also want
21 matches
Mail list logo