On Thu, 2016-01-21 at 04:32 +0100, Michael Biebl wrote: > Right, since we had removable media 30 years ago. No but mounting filesystems.
> In such a very specialised situation you can easily lock down the > configuration. For such a setup you will most likely need custom > configuration anyway to be secure. > A default configuration needs to usable by the majority of users. The problem with that is: AFAIU, when I override polkit rules, that it's really just the specific rule that are overriden... and no the whole config file e.g. org.freedesktop.udisks2.policy While this makes at first since of course, it also means that one have no real chance to go back to sane permissions unless one would track any single change of /usr/share/polkit- 1/actions/org.freedesktop.udisks2.policy. Of course one can override all rules that are there right now, but new properties get added or existing ones removed, and then one's back to insecure-per-default settings. > There is no "real issue". Maybe not for you, others may have tighter security constraints, though. E.g. I wouldn't want to have everyone-may-access-everything just it may seem convenient for some people and they set up their systems like this. > Point. > You are making a big fuss for nothing and wasting everyones time, > mine > included. I'm not willing to tolerate that. Uhm I had understood that before. Not-an-issue-for-you plus threatening people for whom it is - bug solving by oppression (guess I should try that at the institute as well =) ),... So no need to point out and praise your position of power again. Anyway,.. the bug is closed as you enforced it,.. perhaps it should be marked wontfix? Cheers, Chris.
smime.p7s
Description: S/MIME cryptographic signature
