Re: gksu, ktuss and other ways to get root
Raphael Geissert wrote:
[Please do _only_ send the email to the ML, I read it.]
Rob Taylor wrote:
Well, the real fd.o solution here is PackageKit. Its a bad thing to run
things using graphical toolkits as root, as they're not going to have
been audited for security. With PackageKit you use a small, auditable
dbus service to do the task you need doing as root, and have the actual
UI running in the users security domain.
Uhh, obviously I meant PolicyKit here, PackageKit is something
The problem is that not everything/one uses dbus, and software would need to
This is true. At least for GNOME this is making good progress however.
KDE also seems to be making some progress in this regard as well. It'd
be good (maybe after GNOME 2.26) to keep a list of common apps in
collaboration with upstream that aren't using PolicyKit.
I strongly agree that running X11 apps as root is not good; but the point of
the discussion is how to correctly su to root in a cross-desktop-compatible
manner, not how perfect world is :).
I was replying to the message of the 'perfect world' of having an xdg
util for su-to-root.. I'd suggest for now a simple solution would be to
write a debian-desktop specific util that does what a hypothetical
xdg-get-root would do (and then maybe propose it for inclusion in
xdg-utls ;) ).