[Server-devel] /etc/xs-sigchecks-enabled

Douglas Bagnall douglas at paradise.net.nz
Wed Nov 5 20:56:14 EST 2008


Martin wrote:

> My take on this is that it means 'do what seems sensible with usb
> input' -- in that sense it's a "xs-security-on" flag, rather than
> pointing to a particular mechanism. (maybe worthy of a rename before
> 0.5 is released?)

Yes, a rename and clarification of semantics is quite doable, and
sooner is better.  I might be able to do it tonight or tomorrow.

By default, the xs-check script errors if the flag is not there; you
need to use the --tolerate-nosigs option to get the 'you can do
anything' behaviour.  On the other hand, xs-sum is always permissive
if the flag is not set.  I think this is correct for every current
user of xs-sum, but we should probably change it before too long.


Douglas


More information about the Server-devel mailing list