[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: XDM... source level

> I hate to keep mentioning KDE on this group but they keep coming up :)
Where they have good ideas, we should use them.  Heck, we can even use 
their code where it doesn't interact with Qt.  As long as it's GPL'd, we're 

> I just had a Look at KDM ( yes a KDEised version of XDM ),  It has a 
> "shutdown" button that pops up  a list of 4 options ( ShutDown, Shutdown
> and Restart, Exit KDM, and of course cancel ).
Oh, ok, this would involve using Qt.  Still, it's probably relatively 
trivial to remove that code and put in something else.

> BTW it also has a list of users represented by labeled icons with root
> having a different appearance from the others.  You can simply click
> your user ( or type in the name ) then enter the password or click "Go" if
> you don't have one.
Sounds like a good idea for machines with small user counts.  A icon (could 
even be a picture of the user :) would represent people instead of 
usernames, and it might make things a lot easier for some people.  It 
should be an option, though, along with the normal method.  We can decide 
on a default later, and figure out if we want to ask them about it during 
install.  But if someone wants something to do, that would be something to 
look into.

> There are probably a million security reasons to not use this in a
> traditional *nix setting, but when Linux is running in Windows 95 like
> jobs ( Most desks in any office, or at home ) there is no need for REAL
> security at this level ( You could even disable remote logins ( although
> this is a bad option as far as admins are concerned ... And we do want to
> be nice to them :)
We should be very careful with security, because this *is* Unix, after all. 
You put your Windoze95 box on the net to surf the Web and the only attack 
is a teardrop.  You put a Linux box on the net to surf and you have *all* 
the Unix tricks at your disposal.  For that reason, we have to be extremely 
careful.  We do have the advantage of being able to shut of or firewall out 
all the traffic that shouldn't be happening anyway, though.

Once we have something concrete to hack on, a small group should get 
together and hack at the machine as hard as possible to try to find and 
close all the security holes.  It's not a priority right now, though.

     Erik Walthinsen <omega@seul.org> - SEUL Project system architect
       /  \                SEUL: Simple End-User Linux -
      |    | M E G A            Creating a Linux distribution
      _\  /_                         for the home or office user