Re: localeconf package
On Sat, 2002-02-16 at 22:44, Gustavo Noronha Silva wrote:
> a working sudo ls is not enough... gnome-sudo is totally broken, IMO...
> it needs to be able to execute /usr/lib/gnome-sudo/gnome-sudo-helper
> as root, which is a script that is able to call *any* program... is just
> like giving root access to /bin/sh
Uh... I use gnome-sudo every day for an unrelated thing, and it works
fine for me.
gnome-sudo-helper is a shell script that sets up X stuff before calling
any program you pass it, yes. OTOH, it's a simple shell script,
non-setuid (as if that would work anyway). You still need to gain root
via some other method; if you can do that, you don't need
gnome-sudo-helper (unless your l33t programz need an X display).
But if you can find some security problem with it, or any other problem,
feel free to file bugs on it.
> is it that difficult to use su instead of sudo? I think it is a lot
> safer and a lot more user friendly
The configlets need a way to run programs as root (specifically debconf
stuff and the postinsts of the programs they configure). Any way they
can do that is fine.
Unfortunately, the only way I know of to ask for the root password via
an X window halfway safely (and without the ugliness of "xterm -e") is
with gnome-sudo. If you have any better ways, let me know.
Reply to: