Re: Root privilege (SOLVED)

To: debian-user@lists.debian.org
Subject: Re: Root privilege (SOLVED)
From: "Casey T. Deccio" <casey@deccio.net>
Date: Tue, 09 Jan 2007 16:40:46 -0800
Message-id: <[🔎] 1168389646.11616.26.camel@boomerang.ran.sandia.gov>
In-reply-to: <[🔎] 20070109232805.GD820@turki.gavron.org>
References: <[🔎] ga7d74xpc7.ln2@ursa-major.ursine.ca> <[🔎] 45A1990E.1040105@bredband.net> <865773ce0701071732l5a46620bvfc069c0fa23350c3@mail.gmail.com> <[🔎] 45A1AA4C.1010305@bredband.net> <[🔎] 20070108022238.GB1260@miami.connexer.com> <[🔎] 20070108052902.GA820@turki.gavron.org> <[🔎] 20070108053332.GB15852@santiago.connexer.com> <[🔎] 20070109195057.GB820@turki.gavron.org> <[🔎] 1168374065.2211.49.camel@boomerang.ran.sandia.gov> <20070109231731.GC820@turki.gavron.org> <[🔎] 20070109232805.GD820@turki.gavron.org>

On Tue, 2007-01-09 at 18:17 -0500, cga2000 wrote:
> Pardon my ignorance .. I do my best to stay away from gui apps .. 
> 
> And I don't use sudo either.
> 
> Mind you, I have thought about it and I have come with the conclusion
> that it is just not worth the trouble setting up sudo in a desktop
> context. 
> 

I tried to make it clear that there is nothing really to "set up".  By
running 'sudo guiapp', it should work okay.  Paul mentions the '&' for
backgrounding, and although that works as he said, it's not necessary.

> I guess I'm just being bloody-minded and suggesting to Roberto that
> there _cannot_ be anything "secure" -- and hopefully not "standard"
> either ..  about a script that makes it easier to indulge in practices
> that are unsafe in the first place.
> 

I try to take care before making general statements like that... but I
believe it is probably more mainstream, and allows more
privilege-limiting behavior than a simple script might do--analogous to
using sudo over su.

> :-)
> 
> As Paul J. -- I think -- indicated in another post .. either the gui
> app
> has been designed (and tested .. audited .. etc.) to run in privileged
> mode (and in this case it should take care of escalating your
> privileges
> when necessary and ask you for the root password if relevant) .. or it
> has not.
> 
> If it has NOT been designed to run privileged, then there is NO reason
> that I can think of why you should EVER want to escalate your
> privileges
> -- except possibly when testing something .. such as when you need to
> verify a hunch that a given application does not work correctly
> because
> you do not have proper access to a resource .. 
> 

I'm pretty sure that wireshark is about the only gui app that I run
privileged, but sometimes it's not a matter of escalation--you might
want to run as another non-privileged user for testing
purposes--something for which you don't have privileges, but another
non-privileged user does.  For this, (in both gui and non-gui) sudo is
very elegant and highly configurable.

Casey

Reply to:

Follow-Ups:
- Re: Root privilege (SOLVED)
  - From: cga2000 <cga2000@optonline.net>

References:
- Re: Root privilege (SOLVED)
  - From: Paul Johnson <baloo@ursine.ca>
- Root privilege
  - From: Danesh Daroui <Danesh.D@bredband.net>
- Re: Root privilege (SOLVED)
  - From: Danesh Daroui <Danesh.D@bredband.net>
- Re: Root privilege (SOLVED)
  - From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: Root privilege (SOLVED)
  - From: cga2000 <cga2000@optonline.net>
- Re: Root privilege (SOLVED)
  - From: "Roberto C. Sanchez" <roberto@connexer.com>
- Re: Root privilege (SOLVED)
  - From: cga2000 <cga2000@optonline.net>
- Re: Root privilege (SOLVED)
  - From: "Casey T. Deccio" <casey@deccio.net>
- Re: Root privilege (SOLVED)
  - From: cga2000 <cga2000@optonline.net>

Prev by Date: Re: Root privilege (SOLVED)
Next by Date: Re: Root privilege (SOLVED)
Previous by thread: Re: Root privilege (SOLVED)
Next by thread: Re: Root privilege (SOLVED)
Index(es):
- Date
- Thread