* setting brightness as privileged operation?
@ 2017-01-05 9:23 ` Michal Hocko
0 siblings, 0 replies; 10+ messages in thread
From: Michal Hocko @ 2017-01-05 9:23 UTC (permalink / raw)
To: Jingoo Han, Lee Jones; +Cc: linux-fbdev, linux-kernel
Hi,
I have just learned that my Xfce Power Manager cannot manipulate
brightness because I do not have policykit installed on my computer.
There is a reason for that (yeah it depends on systemd which I prefer
not have).
While this is clearly a problem of the Xfce applet I am wondering why
setting the brightness has to be a privileged operation at all. Is there
any strong reason for it or just a general policy that we do not give
world writable files into sysfs?
--
Michal Hocko
SUSE Labs
^ permalink raw reply [flat|nested] 10+ messages in thread
* setting brightness as privileged operation?
@ 2017-01-05 9:23 ` Michal Hocko
0 siblings, 0 replies; 10+ messages in thread
From: Michal Hocko @ 2017-01-05 9:23 UTC (permalink / raw)
To: Jingoo Han, Lee Jones; +Cc: linux-fbdev, linux-kernel
Hi,
I have just learned that my Xfce Power Manager cannot manipulate
brightness because I do not have policykit installed on my computer.
There is a reason for that (yeah it depends on systemd which I prefer
not have).
While this is clearly a problem of the Xfce applet I am wondering why
setting the brightness has to be a privileged operation at all. Is there
any strong reason for it or just a general policy that we do not give
world writable files into sysfs?
--
Michal Hocko
SUSE Labs
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: setting brightness as privileged operation?
2017-01-05 9:23 ` Michal Hocko
@ 2017-05-11 21:07 ` Pavel Machek
-1 siblings, 0 replies; 10+ messages in thread
From: Pavel Machek @ 2017-05-11 21:07 UTC (permalink / raw)
To: Michal Hocko; +Cc: Jingoo Han, Lee Jones, linux-fbdev, linux-kernel
On Thu 2017-01-05 10:23:07, Michal Hocko wrote:
> Hi,
> I have just learned that my Xfce Power Manager cannot manipulate
> brightness because I do not have policykit installed on my computer.
> There is a reason for that (yeah it depends on systemd which I prefer
> not have).
>
> While this is clearly a problem of the Xfce applet I am wondering why
> setting the brightness has to be a privileged operation at all. Is there
> any strong reason for it or just a general policy that we do not give
> world writable files into sysfs?
Well, if you have another user logged in using ssh, and changing _your_
brightness, that will be somehow annoying, right?
That's the reason why global settings should be root-only...
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: setting brightness as privileged operation?
@ 2017-05-11 21:07 ` Pavel Machek
0 siblings, 0 replies; 10+ messages in thread
From: Pavel Machek @ 2017-05-11 21:07 UTC (permalink / raw)
To: Michal Hocko; +Cc: Jingoo Han, Lee Jones, linux-fbdev, linux-kernel
On Thu 2017-01-05 10:23:07, Michal Hocko wrote:
> Hi,
> I have just learned that my Xfce Power Manager cannot manipulate
> brightness because I do not have policykit installed on my computer.
> There is a reason for that (yeah it depends on systemd which I prefer
> not have).
>
> While this is clearly a problem of the Xfce applet I am wondering why
> setting the brightness has to be a privileged operation at all. Is there
> any strong reason for it or just a general policy that we do not give
> world writable files into sysfs?
Well, if you have another user logged in using ssh, and changing _your_
brightness, that will be somehow annoying, right?
That's the reason why global settings should be root-only...
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: setting brightness as privileged operation?
2017-05-11 21:07 ` Pavel Machek
@ 2017-05-12 6:20 ` Michal Hocko
-1 siblings, 0 replies; 10+ messages in thread
From: Michal Hocko @ 2017-05-12 6:20 UTC (permalink / raw)
To: Pavel Machek; +Cc: Jingoo Han, Lee Jones, linux-fbdev, linux-kernel
On Thu 11-05-17 23:07:55, Pavel Machek wrote:
> On Thu 2017-01-05 10:23:07, Michal Hocko wrote:
> > Hi,
> > I have just learned that my Xfce Power Manager cannot manipulate
> > brightness because I do not have policykit installed on my computer.
> > There is a reason for that (yeah it depends on systemd which I prefer
> > not have).
> >
> > While this is clearly a problem of the Xfce applet I am wondering why
> > setting the brightness has to be a privileged operation at all. Is there
> > any strong reason for it or just a general policy that we do not give
> > world writable files into sysfs?
>
> Well, if you have another user logged in using ssh, and changing _your_
> brightness, that will be somehow annoying, right?
I am pretty sure that such a user can do much larger harm than playing
with brigtness of my LCD. Anyway I went with my own rc.local hack.
--
Michal Hocko
SUSE Labs
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: setting brightness as privileged operation?
@ 2017-05-12 6:20 ` Michal Hocko
0 siblings, 0 replies; 10+ messages in thread
From: Michal Hocko @ 2017-05-12 6:20 UTC (permalink / raw)
To: Pavel Machek; +Cc: Jingoo Han, Lee Jones, linux-fbdev, linux-kernel
On Thu 11-05-17 23:07:55, Pavel Machek wrote:
> On Thu 2017-01-05 10:23:07, Michal Hocko wrote:
> > Hi,
> > I have just learned that my Xfce Power Manager cannot manipulate
> > brightness because I do not have policykit installed on my computer.
> > There is a reason for that (yeah it depends on systemd which I prefer
> > not have).
> >
> > While this is clearly a problem of the Xfce applet I am wondering why
> > setting the brightness has to be a privileged operation at all. Is there
> > any strong reason for it or just a general policy that we do not give
> > world writable files into sysfs?
>
> Well, if you have another user logged in using ssh, and changing _your_
> brightness, that will be somehow annoying, right?
I am pretty sure that such a user can do much larger harm than playing
with brigtness of my LCD. Anyway I went with my own rc.local hack.
--
Michal Hocko
SUSE Labs
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: setting brightness as privileged operation?
2017-05-12 6:20 ` Michal Hocko
@ 2017-05-12 9:47 ` Pavel Machek
-1 siblings, 0 replies; 10+ messages in thread
From: Pavel Machek @ 2017-05-12 9:47 UTC (permalink / raw)
To: Michal Hocko; +Cc: Jingoo Han, Lee Jones, linux-fbdev, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 1202 bytes --]
On Fri 2017-05-12 08:20:04, Michal Hocko wrote:
> On Thu 11-05-17 23:07:55, Pavel Machek wrote:
> > On Thu 2017-01-05 10:23:07, Michal Hocko wrote:
> > > Hi,
> > > I have just learned that my Xfce Power Manager cannot manipulate
> > > brightness because I do not have policykit installed on my computer.
> > > There is a reason for that (yeah it depends on systemd which I prefer
> > > not have).
> > >
> > > While this is clearly a problem of the Xfce applet I am wondering why
> > > setting the brightness has to be a privileged operation at all. Is there
> > > any strong reason for it or just a general policy that we do not give
> > > world writable files into sysfs?
> >
> > Well, if you have another user logged in using ssh, and changing _your_
> > brightness, that will be somehow annoying, right?
>
> I am pretty sure that such a user can do much larger harm than playing
> with brigtness of my LCD. Anyway I went with my own rc.local hack.
Can he? Those are bugs to be fixed. We don't want them in kernel...
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: setting brightness as privileged operation?
@ 2017-05-12 9:47 ` Pavel Machek
0 siblings, 0 replies; 10+ messages in thread
From: Pavel Machek @ 2017-05-12 9:47 UTC (permalink / raw)
To: Michal Hocko; +Cc: Jingoo Han, Lee Jones, linux-fbdev, linux-kernel
[-- Attachment #1: Type: text/plain, Size: 1202 bytes --]
On Fri 2017-05-12 08:20:04, Michal Hocko wrote:
> On Thu 11-05-17 23:07:55, Pavel Machek wrote:
> > On Thu 2017-01-05 10:23:07, Michal Hocko wrote:
> > > Hi,
> > > I have just learned that my Xfce Power Manager cannot manipulate
> > > brightness because I do not have policykit installed on my computer.
> > > There is a reason for that (yeah it depends on systemd which I prefer
> > > not have).
> > >
> > > While this is clearly a problem of the Xfce applet I am wondering why
> > > setting the brightness has to be a privileged operation at all. Is there
> > > any strong reason for it or just a general policy that we do not give
> > > world writable files into sysfs?
> >
> > Well, if you have another user logged in using ssh, and changing _your_
> > brightness, that will be somehow annoying, right?
>
> I am pretty sure that such a user can do much larger harm than playing
> with brigtness of my LCD. Anyway I went with my own rc.local hack.
Can he? Those are bugs to be fixed. We don't want them in kernel...
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: setting brightness as privileged operation?
2017-05-12 9:47 ` Pavel Machek
@ 2017-05-17 11:02 ` Michal Hocko
-1 siblings, 0 replies; 10+ messages in thread
From: Michal Hocko @ 2017-05-17 11:02 UTC (permalink / raw)
To: Pavel Machek; +Cc: Jingoo Han, Lee Jones, linux-fbdev, linux-kernel
On Fri 12-05-17 11:47:12, Pavel Machek wrote:
> On Fri 2017-05-12 08:20:04, Michal Hocko wrote:
> > On Thu 11-05-17 23:07:55, Pavel Machek wrote:
> > > On Thu 2017-01-05 10:23:07, Michal Hocko wrote:
> > > > Hi,
> > > > I have just learned that my Xfce Power Manager cannot manipulate
> > > > brightness because I do not have policykit installed on my computer.
> > > > There is a reason for that (yeah it depends on systemd which I prefer
> > > > not have).
> > > >
> > > > While this is clearly a problem of the Xfce applet I am wondering why
> > > > setting the brightness has to be a privileged operation at all. Is there
> > > > any strong reason for it or just a general policy that we do not give
> > > > world writable files into sysfs?
> > >
> > > Well, if you have another user logged in using ssh, and changing _your_
> > > brightness, that will be somehow annoying, right?
> >
> > I am pretty sure that such a user can do much larger harm than playing
> > with brigtness of my LCD. Anyway I went with my own rc.local hack.
>
> Can he? Those are bugs to be fixed. We don't want them in kernel...
Good luck with that whack a mole. But more seriously. Having an
untrusted user on a system requires many measures including a very
restricted access to mounted filesystems to contain such a user.
Something tells me that /sys is one of the first candidate to deny
access to.
Instead it seems that we enforce people to use policy kit and other crap
to allow to use my HW as I want. I will not argue more here, I have a
workaround for me but this is just weird...
--
Michal Hocko
SUSE Labs
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: setting brightness as privileged operation?
@ 2017-05-17 11:02 ` Michal Hocko
0 siblings, 0 replies; 10+ messages in thread
From: Michal Hocko @ 2017-05-17 11:02 UTC (permalink / raw)
To: Pavel Machek; +Cc: Jingoo Han, Lee Jones, linux-fbdev, linux-kernel
On Fri 12-05-17 11:47:12, Pavel Machek wrote:
> On Fri 2017-05-12 08:20:04, Michal Hocko wrote:
> > On Thu 11-05-17 23:07:55, Pavel Machek wrote:
> > > On Thu 2017-01-05 10:23:07, Michal Hocko wrote:
> > > > Hi,
> > > > I have just learned that my Xfce Power Manager cannot manipulate
> > > > brightness because I do not have policykit installed on my computer.
> > > > There is a reason for that (yeah it depends on systemd which I prefer
> > > > not have).
> > > >
> > > > While this is clearly a problem of the Xfce applet I am wondering why
> > > > setting the brightness has to be a privileged operation at all. Is there
> > > > any strong reason for it or just a general policy that we do not give
> > > > world writable files into sysfs?
> > >
> > > Well, if you have another user logged in using ssh, and changing _your_
> > > brightness, that will be somehow annoying, right?
> >
> > I am pretty sure that such a user can do much larger harm than playing
> > with brigtness of my LCD. Anyway I went with my own rc.local hack.
>
> Can he? Those are bugs to be fixed. We don't want them in kernel...
Good luck with that whack a mole. But more seriously. Having an
untrusted user on a system requires many measures including a very
restricted access to mounted filesystems to contain such a user.
Something tells me that /sys is one of the first candidate to deny
access to.
Instead it seems that we enforce people to use policy kit and other crap
to allow to use my HW as I want. I will not argue more here, I have a
workaround for me but this is just weird...
--
Michal Hocko
SUSE Labs
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2017-05-17 11:02 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-01-05 9:23 setting brightness as privileged operation? Michal Hocko
2017-01-05 9:23 ` Michal Hocko
2017-05-11 21:07 ` Pavel Machek
2017-05-11 21:07 ` Pavel Machek
2017-05-12 6:20 ` Michal Hocko
2017-05-12 6:20 ` Michal Hocko
2017-05-12 9:47 ` Pavel Machek
2017-05-12 9:47 ` Pavel Machek
2017-05-17 11:02 ` Michal Hocko
2017-05-17 11:02 ` Michal Hocko
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.