On Mon, Dec 08, 2008 at 03:27:49PM -0600, Brian Cameron wrote: > Once VT is enabled in the Xserver and GDM, users can start multiple > graphical logins with GDM. So, if a user logs into the first graphical
Ah, right, I'd forgotten this. > login, they get the audio device. Then you can use VT switching in GDM > to start up a second graphical login. If this user needs text-to-speech, > they are out of luck since they can't access the audio device from their > user session regardless if they can log in. At any rate, VT is not yet > enabled in the Xserver or GDM, so there really isn't an issue that needs > to be addressed until this is integrated and working in Solaris. Well, shouldn't this mean that /dev/audio should get virtuallized so that it's as /dev/null when the console is switched to a different VT, so only the current VT ever has access to the real /dev/audio? Is there a shortcomming in VT here? > Console login also does use logindevperm, so you could also have this > problem if a user logged into a text console, then started GDM. Though > this would be an odd usage of the system. If a user were to do this, > they shouldn't be surprised if it doesn't work properly. I would be! > Perhaps I should explain the history of this a bit, just so you understand > how the code has evolved. In Solaris 10, GDM used logindevperm to give the > ... I didn't realize that we had A11Y support in S10's GDM! I thought that was one of the problems with it. How do you configure A11Y for GDM? I would really like to enable sticky keys at the GDM screen. > >No, that's not the problem I care about. The problem I care about is: > >how to make sure that logindevperm never gets modified to set devices' > >ACLs in any way that might trample on GDM's ACL entries. > > Yes, that makes sense. > > ... > > The login GUI is run with limited privilege. Ah, OK. So methinks there needs to at least be a comment in logindevperm code to guard against someone causing it to clobber GDM's ACL entry. The ARC might care to know too; ask a member. Nico -- _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
