From mboxrd@z Thu Jan 1 00:00:00 1970 From: jg@pa.dec.com (Jim Gettys) Date: Mon, 04 Feb 2002 15:10:56 +0000 Subject: Re: User-level Tasks in Hotplug Scripts? Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: linux-hotplug@vger.kernel.org Fundamentally, we have no convention right now for any client (root or not) to connect to an X server except on initiation of the user (unless the user is silly enough to disable authentication entirely. This is an generic X issue (how to delegate authorization to connect). There is the xauth mechanism, not very secure, but no convention on its use in these circumstances. There is also support for kerberos, which is reasonably secure when used properly. And there is SSH, which has never been integrated into X's world cleanly (and probably should be). And there is Owen's scheme for some sort of server process, but this presents much the same fundamental security/authentication/authorization problem as well. I don't have a preconcieved notion of what the correct solution is; I'm not even very familiar with the possibilities. Certainly, I want no user intervention as much of the time as possible, but we also need a hotplug design which allows for user intervention at the time of first use in cases where it may be necessary. The hotplug script design needs to allow for this, even if it is not the usual case. And there is need to automatically run GUI based programs, even after configuration (automatically downloading images off your camera, for example). Personally, I find it very frustrating to have to go looking for a configuration tool before I can use some hardware: this is not something a (mere mortal) user knows in advance, and so don't believe the right thing to do is necessarily nothing (though for much hardware this may be the correct answer, it isn't for most casually used hardware). We can certainly split this discussion to the different communities if people think that is best, but I wanted to get the problem aired; there is a problem for each community to mull over at the core of this problem. And someone who sends mail from an address "nogui" certainly has a strong opinion on the topic, which may not be universal :-;. - Jim -- Jim Gettys Cambridge Research Laboratory Compaq Computer Corporation jg@pa.dec.com _______________________________________________ Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net Linux-hotplug-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel