[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: it's so easy ...

On Fri, Sep 22, 2000 at 11:35:38PM +0200, Daniele Cruciani wrote:
> No, actually I wasn't saying, I've just said run 'it' as root if 'it'
> is a X based app should stop (i.e. use only libc (part of it) while
> you are running as root).

ok i think i was not understanding you right.

> However, maybe now it's clean what RH probably does:
> when is launched gnorpm:
> - ask for admin password setting lock.
> - start an user app that read the present configuration and let you
>   change it.
> - when you have done re-ask you for root (??? - actually, i've never
>   tried, my experience with RH was very short).
> - run su program someway (i.e. su)
> (third step could be skipped if it has some way to remember root password)

i don't know what gnorpm does, but based on what i have seen of redhat
thier answer to these types of problems is usually to slap the suid
bit on the program and be done with it.  or just make the user su then
run it.  they modified thier su to forward X keys around so this works
(a very bad idea IMO)

> Probably, what appear to me as user is that there is some other program
> that start the app as root.
> Ok, given that this is as secure as running a text application as
> root, and given that gnome-apt isn't secure, it should be clean that
> gnome-apt should be change in this way (there number of version of
> 'this way', it's clean).

i think you mean clear not clean?

> That is what I was saying ... somewhere I've got a dictionary
> ... somewhen i can find time to develop better my english, I'm sorry
> for confusion.

thats ok ;-)

Ethan Benson

Attachment: pgpGO24QaeiX_.pgp
Description: PGP signature

Reply to: