> I'm having a awfully hard time figuring out why a home CCTV > application might need privilege at all. Are you sure you really need > privilege? It sounds to me like there may be some larger design > issues mandating the need for privilege when it's not really > necessary. >
A user login should only able to view the footage. It's important that a user login cannot delete any images/video. This much can be done with ACL - but having said that a user login would still be able to copy the images/video, so ACL would work but is not ideal - I could prevent copying with raised privileges. If I were to allow a user to archive footage without using an admin login then that would require ACL with write access, which is out of the question. If a camera loses its connection I think it's OK to let a user restart the camera without using gksu, but this would require raised privileges. There are other misc. points where I need write access. The directory where images are stored by the live feed can become 'messy' (for want of a better way of putting it), write access is needed to tidy it up before live camera images can be viewed, it's not really appropriate to use gksu here every time a user wants to view the live images. Also (I don't know exactly how I'm going to do this yet) but I'm thinking I might use the system log functions (syslogd) as part of a scheme to ensure the integrity of saved footage and the archive. As a misc. point, I'm wondering why redhat 6 hasn't included gksu in with its gnome, policykit is there, but gksu is at this point omitted. (The policykit widget is not included with pygtk, or at least the version I'm using.) There is a package from another repo (beesu) that is a gksu replacement, but it's not ideal to be rummaging around in all corners of the Internet for code as critical as this. -- http://mail.python.org/mailman/listinfo/python-list
