[Bugs] #1884 UNSP: use system settings instead of user settings for NetworkManager
Sugar Labs Bugs
bugtracker-noreply at sugarlabs.org
Wed Mar 31 16:30:56 EDT 2010
#1884: use system settings instead of user settings for NetworkManager
------------------------------------------+---------------------------------
Reporter: sascha_silbe | Owner: tomeu
Type: enhancement | Status: new
Priority: Unspecified by Maintainer | Milestone: 0.90
Component: sugar | Version: Git as of bugdate
Severity: Major | Keywords:
Distribution: Unspecified | Status_field: New
------------------------------------------+---------------------------------
I was perfectly sure I had already filed this as a Trac ticket, with quite
some elaboration - but cannot find it anywhere. :-/
For storing network connection information we should use
[http://live.gnome.org/NetworkManager/SystemSettings system settings] by
default, not [http://live.gnome.org/NetworkManagerConfiguration user
settings]. Currently we don't support the former at all (whereas the Gnome
UI allows the user to tick a checkbox during configuration to choose
between the two).
Using system settings allows NetworkManager to connect to the network
indepently of any user being logged in. Some of the benefits:
1. Ability to ssh into a machine where Sugar is broken (=> no network at
all with the current "user settings" strategy).
2. No connection loss on restart of Sugar.
3. Automated tools (e.g. NTP, IPv6 tunnel) might get a network connection
during boot.
4. Faster collaboration startup.
5. Bugs in our implementation of the user settings won't hit the majority
of users. ;)
I consider it not to be a security issue due to the (assumed) distribution
of use cases:
1. Most computers (laptops and desktops) that run Sugar are single-user;
everyone who can (physically) log in to the machine is going to be trusted
to ''use'' any configured network connection (though not read the password
- but given the way the
[http://live.gnome.org/NetworkManagerDBusInterface/Late..g.freedesktop.NetworkManagerSettings.Connection.Secrets
NetworkManager D-Bus API] is structured that shouldn't be an issue)
2. Most multi-user machines will handle the network connection as part of
the system setup and not run NetworkManager resp. not allow users to
fiddle with the network connection at all. This especially includes LTSP-
style setups.
3. The remaining fraction of systems is rather likely to have experienced
system administrators willing and able to lock down the system on their
own, including modifying D-Bus / PolicyKit configs to fit their needs.
Disadvantages:
1. Requires D-Bus or PolicyKit configuration to allow the Sugar user to
access NetworkManager system settings. OTOH we already require D-Bus
configuration to allow the Sugar user to access NetworkManager user
settings.
--
Ticket URL: <https://bugs.sugarlabs.org/ticket/1884>
Sugar Labs <http://sugarlabs.org/>
Sugar Labs bug tracking system
More information about the Bugs
mailing list