I really hope that distributions don't see security policies as a differentiator. This is how we got SELinux vs. AppArmor and real-world apps having to ship both kinds of policies (or Fedora flat out ignoring any idea of third-parties and such and including literally every application ever in its contrib policy file https://github.com/fedora-selinux/selinux-policy/tree/f23-contrib).
On Tue, Mar 29, 2016 at 11:28 PM, Martin Peres <[email protected]> wrote: > On 30/03/16 01:12, Olav Vitters wrote: >> >> On Mon, Mar 28, 2016 at 10:50:23PM +0300, Martin Peres wrote: >>> >>> We thus wanted to let distros take care of most of the policies (which >>> does not amount to much and will likely come with the application >>> anyway). However, some distros or devices come with a system >>> that already defines security policies and they will likely not want >>> a proliferation of storage places. Hence why we allowed for >>> multiple backends. But this is an exception rather than the rule. >> >> Why should every distribution decide on some policy? The default way >> should work sanely and the way that a user would experience it makes >> sense. I help out with Mageia (+GNOME), I'm 98% sure Mageia has 0 >> interest in creating/developing such a policy. > > In WSM, you can set default behaviours for interfaces. This should cover > your use case. > > However, remember this: If it is not the user or the distribution, then you > are basically trusting the developer of the application... which basically > means we are back to the security of X11. > >> e.g. Linus complaining about (IIRC) needing to provide a root password >> after plugging in a printer. If we create such a situation again I might >> even understand why he's rants :-P > > This would be utterly ridiculous, and this is what we addressed here: > http://mupuf.org/blog/2014/03/18/managing-auth-ui-in-linux/ -- Jasper _______________________________________________ wayland-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/wayland-devel
