[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gksu, ktuss and other ways to get root

Raphael Geissert wrote:
[Please do _only_ send the email to the ML, I read it.]

Rob Taylor wrote:
Well, the real fd.o solution here is PackageKit. Its a bad thing to run
things using graphical toolkits as root, as they're not going to have
been audited for security. With PackageKit you use a small, auditable
dbus service to do the task you need doing as root, and have the actual
UI running in the users security domain.

Uhh, obviously I meant PolicyKit here, PackageKit is something completely different...

The problem is that not everything/one uses dbus, and software would need to
be rewritten.

This is true. At least for GNOME this is making good progress however. KDE also seems to be making some progress in this regard as well. It'd be good (maybe after GNOME 2.26) to keep a list of common apps in collaboration with upstream that aren't using PolicyKit.

I strongly agree that running X11 apps as root is not good; but the point of
the discussion is how to correctly su to root in a cross-desktop-compatible
manner, not how perfect world is :).

I was replying to the message of the 'perfect world' of having an xdg util for su-to-root.. I'd suggest for now a simple solution would be to write a debian-desktop specific util that does what a hypothetical xdg-get-root would do (and then maybe propose it for inclusion in xdg-utls ;) ).




Reply to: