Rebel Zero

As a matter of fact, I’m writing this on my Intrepid test-laptop.

The install went as flawless as any previous Ubuntu release. My test-laptop has an odd Broadcom wireless adapter that only Ubuntu can probe correctly and install the correct driver for it, even on the Beta of 8.10. What it doesn’t install, contrary to 8.04, is ATI’s proprietary driver to run the accelerated graphics chipset on the laptop’s Radeon XPress 1250. From reading bug reports, this has to do with an incompatiability between AMD/ATI’s fglrx driver and the new version of X.org’s xserver (1.5) that Intrepid is using. The solution for now is having Ubuntu automatically revert users to ati or radeon drivers on an install or an upgrade until a fixed version of the fglrx driver is available. Older versions of Nvidia’s drivers are having similiar issues.

The Guest session feature needs some work. According to Ubuntu’s 8.10 Techinical Overview page, this “creates a temporary password-less user account with restricted privileges: the account cannot access any users’ home directories, nor permanently store data. This is sufficiently safe to lend your laptop to someone else for a quick email check.” While the idea is sound, it has a critical flaw. While yes, there are restrictions, users’ home directories are still very vulnerable because of permissions.

While logged in as a guest, I was able to browse most of my regular home directory with any application. While trying to view a text file with gedit failed, I was successful at the command line. This probably has more to do with the file/directory permissions when setting up users’ home directories than the Guest session feature itself. Until I removed the access permission for others from my home directory, I could view most of the directories or files contained within. I set the permission to 750 with chmod. After that, the Guest session couldn’t access it. Strangely enough, as a normal user, one can not access any Guest files in the /tmp folder without root access.

Alternately, changing the umask in the /etc/profile from 022 to 027 should be enough to prevent Guest sessions from accessing users’ files. But this wouldn’t change previous files or directories without also changing their permissions with chmod. This would pose a challenge to new users who don’t have the knowledge to do so.

I’d also like to have access to the Guest session through the GDM rather than having to log in first as a normal user. I understand that the idea is to not allow access to a computer without authorization, but I would still like the option to allow it. Since anyone with a LiveCD can access a computer and the files stored on it, albeit one without an encrypted hard drive, keeping the Guest session restricted like this seems a bit unwarranted. However, since file permissions aren’t set correctly as I’ve shown above, I wouldn’t want a Guest session at all until they were fixed.

I haven’t come across any other issues, yet. I’ll definitely toss up another post when I do. We still have until the end of the month before the official release. Hopefully by then both of these issues will be resolved.