[795] in athena10
Re: Changes to debathena-gdm-config
daemon@ATHENA.MIT.EDU (Jonathan Reed)
Thu Jan 8 14:44:04 2009
Cc: Geoffrey Thomas <geofft@mit.edu>, athena10@mit.edu
Message-Id: <79DD223E-30B4-44FD-897C-7CF89383E868@mit.edu>
From: Jonathan Reed <jdreed@MIT.EDU>
To: Anders Kaseorg <andersk@mit.edu>
In-Reply-To: <alpine.DEB.2.00.0901081245540.11108@vinegar-pot.mit.edu>
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed; delsp=yes
Mime-Version: 1.0 (Apple Message framework v919.2)
Date: Thu, 8 Jan 2009 14:43:34 -0500
Content-Transfer-Encoding: 8bit
On Jan 8, 2009, at 12:53 PM, Anders Kaseorg wrote:
> On Wed, 7 Jan 2009, Geoffrey Thomas wrote:
>> The first is that it disables a couple of permission checks in
>> gdm.conf:
>> …
>> If we know that these checks don't cause problems for AFS users,
>> they can be reverted.
>
> That’s the wrong way to go about justifying a config change. Do we
> know that these checks _do_ cause problems for AFS users? If not,
> we should leave the default.
I believe this is the check whether the user's homedir is something
other than 755. Crufty people have a chmod 777 AFS homedir, and gdm
gets upset at this and refuses to look at ~/.dmrc because of this.
Currently, I believe, people with a chmod 777 homedir get a zenity
warning informing them that they're crufty and can ignore the .dmrc
warning.
So these permission checks are annoying for some AFS users. However,
they're probably sane for users using local homedirs (ie: people
running -standard and -login).
-Jon
