On Thu, Sep 21, 2000 at 01:43:05AM +0200, Daniele Cruciani wrote: > > Sorry, i think here there was a misunderstood, I wasn't talking about > a possible bug of RH, but of a possible facility... > > I've missed something: before starting the program that require root > privileges, RH starts a program for asking root's password, and next (if > the given password is correct) it start root's program. it would be better for the configuration program to run unprivileged as the user, ask the user for the root password and run a small non-X backend program which checks the root password and takes care of the privileged operations. ideally this small module doing the privileged operations should use pam, so things like pam_wheel can be used to prevent random schmuts from messing around with configuration utils. this module should be the thing asking the password (perhaps an interface where the GUI app displays a dialog but the password is passed to the module, similar to ssh-askpass) running X based programs as root is evil, and should be avoided at all costs. (recently pointed about by bugs found in xlib, where there is surely many many more) > So, actually the program is launched by root, but the facility is that > isn't needed to open a terminal emulator, su and start a program. yes, this is a poor method anyway for security reasons. X based software should never be run as root. > This scenario is for a desktop user, who could be afraid by textual > interface and don't want to log in as root ... but also is for a lazy > person that prefer simple way than hard one, when/if possible. Apple's MacOSX (as least server, not sure if the client does it the same) has graphical configuration programs that any user may run, but privileged configurations (such as the network panel) are read-only unless the user clicks a lock icon in the window, the program then asks for the root password (if the user is member of group wheel i think) and once supplied the read-only configuration screen becomes read-write. -- Ethan Benson http://www.alaska.net/~erbenson/
Attachment:
pgpw5Z7vs0zHM.pgp
Description: PGP signature