freenx-team team mailing list archive

[Marcelo Boveto Shima <marceloshima@xxxxxxxxx>]

I think that the difference between console and active console is thatthe
active console needs an active ConsoleKit session running.
So once you have an active ConsoleKit session then you will be
allowed to gain the PolicyKit permission.

The answer to the second question is yes.
If I'm not wrong, an Active Console is a local and active session on
ConsoleKit. If you don't set the session as active or local then
PolicyKit will forbid every action. Unless you set it action as
anyone: yes. This is not a good idea.

The fine grained permission based on the location the session is
running will only be accomplished with support build in udev and
consolekit. This support will be based on seats. A remote seat
will have different permission.

A workaround is to make mount capabilities based on user.

Regards

On Thu, Jun 25, 2009 at 3:23 PM, Sebastian Urban <urbans84@xxxxxxxxx>
wrote:

> There already seems to be a PolicyKit method to configure which user can
> access removable media. (see screenshot)
>
> Marcelo, can you please explain why sessions started by NX do not honor
> these permissions? Are all NX sessions started with "Active Console"
> permissions?
>
>
> ** Attachment added: "screenshot.png"
>   http://launchpadlibrarian.net/28376398/screenshot.png
>
> --
> Remote NX users can access locally connected removable media on the FreeNX
> server
> https://bugs.launchpad.net/bugs/388973
> You received this bug notification because you are a member of FreeNX
> Team, which is a direct subscriber.
>
> Status in FreeNX open source NX Server: New
>
> Bug description:
> Using latest packages from FreeNX PPA on Ubuntu Hardy.
>
> Steps to reproduce:
> 1. Make sure no user is logged in on FreeNX server host.
> 2. Connect to FreeNX server host via NX using session GNOME.
> 3. Insert USB storage device or a CDROM into the FreeNX server host.
>
> Result:
> The medium is mounted, assigned to the remotely logged in user and shown on
> his remote GNOME desktop via NX.
> If a different user logs in locally on the NX server he does not have
> permissions to access the medium.
>
> Expected result:
> The medium should not be mounted and the remote NX user should not be able
> to access it.
> If a user logs in locally on the NX server the medium should be mounted
> with his permissions and appear on his local GNOME desktop.
>
> _______________________________________________
> Mailing list: https://launchpad.net/~freenx-team
> Post to     : freenx-team@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~freenx-team
> More help   : https://help.launchpad.net/ListHelp
>

-- 
Remote NX users can access locally connected removable media on the FreeNX server
https://bugs.launchpad.net/bugs/388973
You received this bug notification because you are a member of FreeNX
Team, which is a direct subscriber.

Status in FreeNX open source NX Server: New

Bug description:
Using latest packages from FreeNX PPA on Ubuntu Hardy.

Steps to reproduce:
1. Make sure no user is logged in on FreeNX server host.
2. Connect to FreeNX server host via NX using session GNOME.
3. Insert USB storage device or a CDROM into the FreeNX server host.

Result:
The medium is mounted, assigned to the remotely logged in user and shown on his remote GNOME desktop via NX.
If a different user logs in locally on the NX server he does not have permissions to access the medium.

Expected result:
The medium should not be mounted and the remote NX user should not be able to access it. 
If a user logs in locally on the NX server the medium should be mounted with his permissions and appear on his local GNOME desktop.