On Mon, Jun 22, 2009 at 09:24:24AM +0100, Bob Ham wrote:
There's something wrong here.
There is a lot wrong here.
* Question: is the 'demoting' of RT-threads applied only to RT
threads granted by this daeomon, or does it apply to all, including
those created by processes running as root ? In the latter case this
system is not only broken, but should be classified as malware.
* Why should an app running on an headless system at RL3 be forced
to go through a collection of desktop-oriented daemons in order to
do something that amounts to a simple POSIX system call ?
* Claiming that 'group based security is broken' is not only
a show of ignorance, but also of arrogance. All UNIX sysadmins
of the last 30 years must have been idiots.
* I don't run a 'desktop' on any machine, nor do I want one.
The thing I'm looking at is a computer screen, and that's it.
I want to remain the master of my system, whatever I do is
by definition to be trusted. This includes running RT threads
that may block the machine. I'm not married into the Kit
family, and the last thing I want is this collection of
mothers-in-law interfering with my system. If the the desktop
kids want this sort of thing that's fine. Let them build it
into their desktops, but keep it out of the operating system.
* All this talk from the freedesktop crowd about 'security'
is as misleading as it can be, *All* security violations
I've seeen lately on any of my systems were generated by
these desktop madness. This includes:
- Gdm making unauthorised network connections (disable
DNS and see it hang for two minutes).
- Login manangers changing device permissions.
- Gnome automounting removable disks that don't have
the 'user' flags set in /etc/fstab.
- Digital camera software making unauthorised copies
of pictures to the local hard disk.
And more. This is 'big brother' security - basically
it means: 'trust us, we want the best for you, and are
trying to make your life easy'.
* If this trend continues then within a year or two
there will some 'FilesystemKit' that requires the OK
from
freedesktop.org each time you open a file. And
no doubt also a 'DecencyKit' checking the color of
your underwear.
* It is IHMO high time to start the development of a
kernel patch that removes all of this, and provides a
clean POSIX system to those who want it.
Ciao,
--
FA
Io lo dico sempre: l'Italia รจ troppo stretta e lunga.