Re: debian: user-request-daemon (it could solve some problems)

To: debian-mentors@lists.debian.org
Cc: Curt Manucredo <curtm2@yahoo.de>
Subject: Re: debian: user-request-daemon (it could solve some problems)
From: The Fungi <fungi@yuggoth.org>
Date: Tue, 27 Feb 2007 20:53:34 +0000
Message-id: <[🔎] 20070227205332.GP3386@yuggoth.org>
Mail-followup-to: debian-mentors@lists.debian.org
In-reply-to: <[🔎] 20070227212156.313d9728@phaethon>
References: <[🔎] 20070215142826.036370e8@phaethon> <[🔎] 45D47393.5010708@piatek.co.uk> <[🔎] 20070215173456.62fefce1@phaethon> <[🔎] 45D566FA.4080108@piatek.co.uk> <[🔎] 20070226202954.GM3386@yuggoth.org> <[🔎] 20070227041710.52e91541@phaethon> <[🔎] 20070227172717.GO3386@yuggoth.org> <[🔎] 20070227212156.313d9728@phaethon>

On Tue, Feb 27, 2007 at 09:21:56PM +0100, Curt Manucredo wrote:
[...]
> but anyway, next time i can not fall asleep i will ask YOU to read ME
> some manpages ;-)
[...]

My apologies for sounding harsh, but these are basic security
concepts that are fundamental to being able to safely provide
privileged programmatic access to resources as another user. That
sort of application is a serious security risk waiting to happen,
and is in no way a task for a novice programmer. Given the years of
testing and fixes applied to sudo to try and make it a safe
solution, you would do well to review its current source and
historical security holes so as to be at least slightly more certain
you're not making the same mistakes they did (learning from the
past). Distributing software designed to provide controlled
privilege escalation is not something to be taken lightly, though
obviously what you do on your computer is none of my business.
-- 
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fungi@yuggoth.org); IRC(fungi@irc.yuggoth.org#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fungi@yuggoth.org);
MUD(fungi@katarsis.mudpy.org:6669); WWW(http://fungi.yuggoth.org/); }

Reply to:

Follow-Ups:
- Re: debian: user-request-daemon (it could solve some problems)
  - From: Curt Manucredo <curtm2@yahoo.de>

References:
- debian: user-request-daemon (it could solve some problems)
  - From: Curt Manucredo <curtm2@yahoo.de>
- Re: debian: user-request-daemon (it could solve some problems)
  - From: Anton Piatek <anton@piatek.co.uk>
- Re: debian: user-request-daemon (it could solve some problems)
  - From: Curt Manucredo <curtm2@yahoo.de>
- Re: debian: user-request-daemon (it could solve some problems)
  - From: Anton Piatek <anton@piatek.co.uk>
- Re: debian: user-request-daemon (it could solve some problems)
  - From: The Fungi <fungi@yuggoth.org>
- Re: debian: user-request-daemon (it could solve some problems)
  - From: Curt Manucredo <curtm2@yahoo.de>
- Re: debian: user-request-daemon (it could solve some problems)
  - From: The Fungi <fungi@yuggoth.org>
- Re: debian: user-request-daemon (it could solve some problems)
  - From: Curt Manucredo <curtm2@yahoo.de>

Prev by Date: Re: debian: user-request-daemon (it could solve some problems)
Next by Date: RFS: zeroinstall-injector
Previous by thread: Re: debian: user-request-daemon (it could solve some problems)
Next by thread: Re: debian: user-request-daemon (it could solve some problems)
Index(es):
- Date
- Thread