Kontact Touch running on Harmattan
Laszlo Papp
lpapp at kde.org
Mon Oct 24 21:03:17 UTC 2011
> With regard to the dirmngr problem i could not get aegis to correctly work. It
> always told me the files i've requested credentials in this form:
> <request>
> <credential name="CAP::chown"/>
> <for path="/var/log/dirmngr.log"/>
> </request>
This is not what I recommended.
> but it always told me "Package dirmngr: <for> refers
> to '/var/log/dirmngr.log', not installed by that package -- ignored "
> Altough i explicitly install an empty file at that location (since touching is
> also not allowed.)
See above: it is just a misuage. You did not theoritically change the
logic to the original problem. It was designed to not work this way.
> After spending quite some time trying to figure out how to work with aegis
> correctly I gave up and the dirmngr.log and cached crls are now
> read/writeable by every user and not just group dirmgr. I think this is
> acceptable on a typical "single user" device. (Good lesson how it works if
> security is just to much of a hassle? It gets even more insecure because you
> work around it ;-) )
I would like to be happy to avoid the #harmattan channel style, if I
can ask. Read your lines as a security platform developer like me (or
anybody from our team) who tries to help with it (not too
encouraging). I need to admit I kinda burnt out on the #harmattan
channel because of similar things which started this way..
Best Regards,
Laszlo Papp
More information about the Kde-mobile
mailing list