Re: root login
<quote who="Sven Luther">
> No, i think your first understanding was right, what i think is that the
> root needing apps in gnome should be able to work as user (for the allowed
> users or something) if you are going to forbid to use gnome as root.
The issues are entirely separate. We need a permissions-granting mechanism
regardless of the status of the GDM option.
> > No, not really. This is not a general solution. Lots of people don't
> > have sudo installed, let alone use it, let alone know how it works. Is
> > there even a reasonable sudo *configurator* GUI? Can't find anything in
> > Debian, which for all intents and purposes means "no". :-)
>
> Ok, i understand that it is not the right solution, it would be fixing
> things for people who know how to do it though. And the lack of sudo
> configuration GUI is no argument. We only need someone to write it, which
> is the same thing that is needed for the proper solution.
No, it's not. A general solution would not rely on sudo at all.
> > Why not use (and put a pretty / usable face on) existing infrastructure?
>
> Which ones ?
su, sudo, pam, other systems in other environments.
> I think i have seen in one of the gdm changelogs that the gdm author
> didn't think such a thing was feasible, don't know the details though.
This has nothing to do with GDM.
> > It also sounds somewhat overblown and unnecessary. You're trying to put
> > a usable face on a process that most users simply won't care about.
> > Stupid but relevant point: Ever seen a Mac or Windows user boot a
> > different kernel? :-)
>
> Well, you are falling again into the most users don't need it, so it is
> not worth it, and anyway, you are wrong, windows has this 'reboot into
> msdos' thingy, which is comparable in functionality.
>
> Also all people who want to use their box for games are often forced to
> reboot into windows, but i forgot, gnome is now aimed at corporate
> desktops.
I believe you're wrong, and not focusing on what's actually important. But
this is all off-topic.
[ 8< snip random personal issues 8< ]
> > Anyway, the point is that GNOME needs a general solution to these
> > problems that is portable and secure.
>
> I don't understand the portability problems. I also don't understand the
> security problems.
>
> The point is that there are some apps that need root. These can easily be
> solved by using sudo, or better yet by creating a group which has the
> right to modify them, and adding the user to this group. Not a single line
> of code would need to be modified.
Can you see that these statements do not work well together? Sorry, but if
don't understand the security/portability issues, nor want to find out about
them, you're not actually saying anything useful. What you have said not
correct (it is not a simple issue).
> So you could solve this in a transparent way simply by using the right
> kind of group, and i suppose you would need a group handling GUI for
> this, but it is a known and working unix solution to this.
A general solution, which this is not, is not that simple. And without a
general solution, you haven't solved much.
Sorry.
- Jeff
--
linux.conf.au 2004: Adelaide, Australia http://lca2004.linux.org.au/
"Biology is the only science in which multiplication means the same
thing as division." - Greg Leblanc
Reply to: