On 11/19/2015 08:31 AM, Reindl Harald wrote:
> On 19.11.2015 at 13:57, Simon Farnsworth wrote:
> > Put another way: "sudo emacs /etc/hosts" will break under Wayland
> then wayland is currently not useable and ready to replace X11
> as user i don't care if the application needs to be fixed or wayland
> lacks whatever but given that there are a bazillion more applications
> compared to X11 versus wayland it's pretty clear where to start
you're arguing that the multitude of X applications does not
have fine-grained access controls, so they have to be given overall root
privilege---but this is the old OS security model that we've been moving
away from for years.
Adam's argument is that we should switch to fine-grained control, just
like we switched to fine-grained control with SELinux. We have to find
out why the GUI app legitimately requires elevated access and give it
just that access. Those 'horrible hacks' that you decry do exactly that:
isolate the root-level file access and arrange for it, while running the
entire GUI at non-privileged level.
This could be done in other ways too, e.g. by wrapping the GUI with a
script that adds user to root file's ACL, edits it and takes ACL away.
Your rsync mechanism is actually a perfect example: root access to files
on your target systems should be decoupled from root access on your