Re: keeping passwords
On August 31, 2005 09:05 am, Derek Broughton wrote:
> Freddie Cash wrote:
> >> Giacomo Lacava wrote:
> >>>> Hmmm, that is a serious security issue. I was hoping there would
> >>>> be a password encrypted password cache or something similar.
> >>>
> >>> KWallet is what you are talking about. It works wonderfully for
> >>> KDE-based applications. unfortunately, Synaptic is GNOME-based...
> >>> You definately need to check out kdesu/kdesudo docs however.
> >>
> >> How do you use it with kdesu? kdesu doesn't even have a man page
> >> and, on Ubuntu at least, /usr/share/doc/kde/HTML/en/kdesu/ has no
> >> valid documentation!
> On that subject, it does seem to have a valid docbook - so what do I
> need to read docbooks?
> > kdesu does so have a man page. See attached.
> (a) gmane doesn't appear to pass attachments.
Hrm, that sucks.
> (b) No it doesn't. KDE may provide one, but it isn't part of the
> Ubuntu package (and so I'm betting Debian, too) which contains kdesu
> (kdebase-bin).
Yes, it does have a man page. It's installed
as /usr/share/man/man1/kdesu.1.gz on my Debian 3.1 system running KDE
3.4.1. If your Ubuntu system doesn't have it, then that's an Ubuntu
packaging issue, not a kdesu issue. According to apt, the
kdebase-bin-4.3.1-1 package for Debian includes the
file /usr/share/man/man1/kdesu.1.gz.
There's also a KDE help centre file for it, which can be accessed via
the Help Center, or help:/kdesu in Konqueror.
Here's the text of the man page, just for you, since you seem to think
it doesn't exist:
KDESU(1) Runs a program with elevated
privileges. KDESU(1)
NAME
kdesu - Runs a program with elevated privileges.
SYNOPSIS
kdesu [Qt-options] [KDE-options] [kdesu options] command
DESCRIPTION
Runs a program with elevated privileges.
KDE su is a graphical front end to the Unix su utility. It allows
you to run programs as another user by entering
their password. It is not a SUID root program, but runs
unprivileged. The system program su is used for acquiring
special privileges.
kdesu has the ability to store passwords for the convenience of
users. The passwords are NOT written to disk, but
stored in memory using a special program, kdesud. This is only
done if the user specifies that the password be
remembered. In this case, passwords are stored in memory
for a certain period of time before being removed.
kdesud runs in such a way that only the user who entered the
password originally can use it, though no one, not
even the user who originally entered the password, can
retrieve the password that is stored by kdesud. Through
these measures, users can avoid having to repeatedly enter root
passwords or other passwords, without a signifi-
cant risk to overall system security.
OPTIONS
Generic options:
--help Show help about options
--help-qt
Show Qt specific options
--help-kde
Show KDE specific options
--help-all
Show all options
--author
Show author information
-v, --version
Show version information
--license
Show license information
kdesu Options:
-c <command>
Specifies the command to run
-f <file>
Run command under target uid if <file> is not writable
-u <user>
Specifies the target uid [default is root]
-n Do not keep password
-s Stop the daemon (forgets all passwords)
-t Enable terminal output (no password keeping)
-p <prio>
Set priority value: 0 <= prio <= 100, 0 is lowest [default
is 50]
-r Use realtime scheduling
--nonewdcop
Let command use existing dcopserver
-i <icon name>
Specify icon to use in the password dialog
-d Do not show the command to be run in the dialog
Arguments:
command
Specifies the command to run
SEE ALSO
Full user documentation is available through the KDE Help
Center. You can also enter the URL help:/kdesu/
directly into konqueror or you can run `khelpcenter help:/kdesu/'
from the command-line.
AUTHORS
Geert Jansen <jansen@kde.org>
Pietro Iglio <iglio@fub.it>
This manual page was written by Christopher Martin
<chrsmrtn@freeshell.org> for Debian GNU/Linux, but may
be used by others. It borrows from an earlier manpage by Karolina
Lindqvist <pgd-karolinali@algonet.se>.
K Desktop Environment May 2005
KDESU(1)
--
Freddie Cash, CCNT CCLP Helpdesk / Network Support Tech.
School District 73 (250) 377-HELP [377-4357]
fcash-ml@sd73.bc.ca
Reply to: