Wednesday, February 29, 2012

Let Cooler Heads Prevail with Security

A long while back I wrote about my attempts with passwordless logins and how, instead of people trying to understand the use case, they attacked me under the auspices of security. This is by no means a new argument... the same brand of venom is spewed on behalf of X11's olde tyme conventions, SysV initialization or LSB compliance. Bear in mind the distribution maintainers themselves actually understand these use cases, but often well-intentioned users assume that the same profiles that work for a server installation should also apply to a kid's laptop.

And then they woke papa bear.

I noticed in my Google+ stream that Linus Torvalds had a similar rant, this time also around network & printer administration. Not only that but the focus of his ire was aimed at openSUSE, the same distribution I alternate ranting and raving about. His arguments were not unlike my own - not everything needs to be locked behind a root password (or even a password for that matter). True, you can circumvent or correct this behavior by changing access levels and permissions, but that can be a hairy proposition. By the time your kids / wife / sales people run across this issue, they're already frustrated and you've lost 'em.

Of course there was backlash... and Linus' parting shot didn't quite help things either. The Register even carried a story about the "tantrum" and interviewed openSUSE director Andreas Jaeger, who admitted Linus' had a valid use case but that ultimately "there are bugs but it's not as simple as [Linus] states."

It kinda is and kinda isn't "as simple." User-level access to print queues should be a doable thing. I believe time zone changes can happen just fine - I tested in KDE and while the system timezone did not change, the time displayed on the desktop switched to US Central just fine. NetworkManager no longer needs administrative access (unless you want it to) and yes, passwordless logins have been working for some time now.

In the end, I understand Linus' frustration but have to say that Ubuntu and Fedora are just as bad. Yes, it would be nice to have CUPS admin normal users as admins, definitely. I can't help but wonder if this angst is due to the Linux desktop being so close, and yet so far away. There are still rough edges to iron out, but for an internationalized effort of distributed engineers coming together to make an open-source desktop OS for the love of the game, things are looking pretty damn peachy.

No comments:

Post a Comment