Re: Root privilege (SOLVED)
On Tue, Jan 09, 2007 at 06:37:01PM EST, Roberto C. Sanchez wrote:
> On Tue, Jan 09, 2007 at 06:28:05PM -0500, cga2000 wrote:
> > >
> > > Pardon my ignorance .. I do my best to stay away from gui apps ..
> > >
> Unfortunately, some things flat out require a GUI.
Unfortunately?
:-)
> > > And I don't use sudo either.
> > >
> > > Mind you, I have thought about it and I have come with the conclusion
> > > that it is just not worth the trouble setting up sudo in a desktop
> > > context.
> > >
> That depends. If you are the only user of the system and will be the
> only one requiring root acces, then that is fine.
That's what I meant. I am aware of the value of sudo when multiple
administrators are involved.
> > > I'll stick with plain /bin/su.
> > >
> However, in a situation with multiple admins it is nice to have the
> logging of sudo so that you know who did what/when.
yes .. see above.
otherwise it sounds like unnecessary overhead .. making things a bit more
complicated .. and therefore a little less secure.
> > > As Paul J. -- I think -- indicated in another post .. either the gui app
> > > has been designed (and tested .. audited .. etc.) to run in privileged
> > > mode (and in this case it should take care of escalating your privileges
> > > when necessary and ask you for the root password if relevant) .. or it
> > > has not.
> > >
> > > If it has NOT been designed to run privileged, then there is NO reason
> > > that I can think of why you should EVER want to escalate your privileges
> > > -- except possibly when testing something .. such as when you need to
> > > verify a hunch that a given application does not work correctly because
> > > you do not have proper access to a resource ..
> > >
> Except that many apps are GUI apps and expect that you will already have
> elevated priviledges when you run them. The Oracle installer and the
> CrossOver Office configuration tool are two that come to mind right off
> the top of my head.
Not familiar with either.
I forget what's it called .. "synapsis" or something .. ? but another
one that comes to mind is the GUI front-end to apt .. Wouldn't that need
to run privileged for some of its functionalities (eg. install/remove
software) .. ?
How's stuff like that supposed to work in a "strict" proof of concept
GUI environment with no *term available -- ie. all you are allowed is
an icon on your desktop and possibly an entry in your gnome/kde menus?
Sounds like such GUI install/config tools would need to to be able
prompt the user for root's password .. or whatever group password might
be necessary..
Ah .. I guess I'll stick with my shell prompt.. all this gooey stuff is
way too complex for me.
Thanks.
cga
Reply to: