Ticket #1884 (closed enhancement: fixed)
migrate to NetworkManager 0.9
|Reported by:||sascha_silbe||Owned by:||tomeu|
|Priority:||Unspecified by Maintainer||Milestone:||0.94|
|Component:||sugar||Version:||Git as of bugdate|
I was perfectly sure I had already filed this as a Trac ticket, with quite some elaboration - but cannot find it anywhere. :-/
For storing network connection information we should use system settings by default, not user settings. Currently we don't support the former at all (whereas the Gnome UI allows the user to tick a checkbox during configuration to choose between the two).
Using system settings allows NetworkManager to connect to the network indepently of any user being logged in. Some of the benefits:
1. Ability to ssh into a machine where Sugar is broken (=> no network at all with the current "user settings" strategy).
2. No connection loss on restart of Sugar.
3. Automated tools (e.g. NTP, IPv6 tunnel) might get a network connection during boot.
4. Faster collaboration startup.
5. Bugs in our implementation of the user settings won't hit the majority of users. ;)
I consider it not to be a security issue due to the (assumed) distribution of use cases:
1. Most computers (laptops and desktops) that run Sugar are single-user; everyone who can (physically) log in to the machine is going to be trusted to use any configured network connection (though not read the password - but given the way the NetworkManager D-Bus API is structured that shouldn't be an issue)
2. Most multi-user machines will handle the network connection as part of the system setup and not run NetworkManager resp. not allow users to fiddle with the network connection at all. This especially includes LTSP-style setups.
3. The remaining fraction of systems is rather likely to have experienced system administrators willing and able to lock down the system on their own, including modifying D-Bus / PolicyKit configs to fit their needs.
1. Requires D-Bus or PolicyKit configuration to allow the Sugar user to access NetworkManager system settings. OTOH we already require D-Bus configuration to allow the Sugar user to access NetworkManager user settings.