[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: it's so easy ...

There was an interference, you have tuned in the right chanel what
I was saying :)
Something like MacOSX configurator would be cool and usable for Debian
too.

Also, as far the issue of running an X based program as root remain
even if you su in terminal, such a solution is more sure than having
an apt front-end that could not start at all if it can't open the lock
file (i.e. if it isn't launched by root).

Actually, gnome-apt is cool, but at this time lack on security; but
gnome-apt is not alone for example logview is unusable, gpowertweak
run only as root and one can probably find a lot of other example.

I was not speaking about a global configurator, of course, but of a
single program that require to be root for running under X, for
example gnorpm is a problem in term of security, debian should not
have such a problem

On Wed, Sep 20, 2000 at 06:43:08PM -0800, Ethan Benson wrote:
> On Thu, Sep 21, 2000 at 01:43:05AM +0200, Daniele Cruciani wrote:
> > 
> > Sorry, i think here there was a misunderstood, I wasn't talking about
> > a possible bug of RH, but of a possible facility...
> > 
> > I've missed something: before starting the program that require root
> > privileges, RH starts a program for asking root's password, and next (if
> > the given password is correct) it start root's program.
> 
> it would be better for the configuration program to run unprivileged
> as the user, ask the user for the root password and run a small non-X
> backend program which checks the root password and takes care of the
> privileged operations.
> 
> ideally this small module doing the privileged operations should use
> pam, so things like pam_wheel can be used to prevent random schmuts
> from messing around with configuration utils.  this module should be
> the thing asking the password (perhaps an interface where the GUI app
> displays a dialog but the password is passed to the module, similar to
> ssh-askpass) 
> 
> running X based programs as root is evil, and should be avoided at all
> costs.  (recently pointed about by bugs found in xlib, where there is
> surely many many more)
> 
> > So, actually the program is launched by root, but the facility is that
> > isn't needed to open a terminal emulator, su and start a program.
> 
> yes, this is a poor method anyway for security reasons.  X based
> software should never be run as root.
> 
> > This scenario is for a desktop user, who could be afraid by textual
> > interface and don't want to log in as root ... but also is for a lazy
> > person that prefer simple way than hard one, when/if possible.
> 
> Apple's MacOSX (as least server, not sure if the client does it the
> same) has graphical configuration programs that any user may run, but
> privileged configurations (such as the network panel) are read-only
> unless the user clicks a lock icon in the window, the program then
> asks for the root password (if the user is member of group wheel i
> think) and once supplied the read-only configuration screen becomes
> read-write.
> 
> -- 
> Ethan Benson
> http://www.alaska.net/~erbenson/



-- 
Daniele Cruciani <cruciani@cli.di.unipi.it>
Universita` di Pisa - Informatica -
http://www.cli.di.unipi.it/~cruciani/
Reply to: