On Wed, 29 Jul 2015 10:21:37 +0200
tilt! <tilt@???> wrote:
> Hi,
>
> Steve Litt wrote on 29/07/2015 at 06:25 CEST:
> > [...]
> > Meanwhile, as far as I can see, their entanglement with
> > polkit does nothing more than my idea about sudo.
> > Does anyone see any reason why polkit should be assumed
> > more secure than sudo?
>
> I don't know about polkit, but sudoers(5) is a mess,
This is exactly my point. Every last problem of sudo is taken
seriously, while everyone seems to give polkit a pass.
Maybe there's another way around this: A daemon, running as root, that
senses something being plugged in, and mounts it. Since it's running as
root, no sudo or polkit needed. And, a facility by which a normal user
can tell this daemon to mount or unmount some specific thing.
SteveT
Steve Litt
July 2015 featured book: Rapid Learning for the 21st Century
http://www.troubleshooters.com/rl21