Vulnerability Development mailing list archives

Re: Window manager - implementation bug/feature ???


From: mithun () CYBERSPACE ORG (Mithun Bhattacharya)
Date: Tue, 12 Oct 1999 03:02:34 -0400


Hi,

First of all, my apologies to the group. I didn't verify what I was doing
before shooting off like that!! To clarify, it has nothing to do with the
window manager. As told earlier, this is a new feature added in RedHat 6.0.

http://www.redhat.com/knowledgebase/newpam/

Another thing which got a few people confused was the /dev/hdc - I believe
I had written that it is my cdrom drive - my apologies if that wasn't
written clearly enough.

BUT what I think everyone missed in all the discussion is that the devices
are still owned by the non-privileged user even though the superuser did
a su and he is using the console with root privileges.

I think the whole topic needs some more discussion as to how the system
can give access to certain devices to a non-privileged user (upon login on
console only) without giving access to the raw device itself. I don't
think it is a good idea to give access to the raw device. According to
the responses till now, Debian and Solaris have handled the situation in
different ways. What I would like to hear are the security implications of
the three methods discussed till date. Any comments will be highly
appreciated (even though I was so late in replying).

Regards
Mithun

