[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Root privilege (SOLVED)

On Tue, Jan 09, 2007 at 06:37:01PM EST, Roberto C. Sanchez wrote:
> On Tue, Jan 09, 2007 at 06:28:05PM -0500, cga2000 wrote:
> > > 
> > > Pardon my ignorance .. I do my best to stay away from gui apps .. 
> > > 
> Unfortunately, some things flat out require a GUI.

Unfortunately?

:-)

> > > And I don't use sudo either.
> > > 
> > > Mind you, I have thought about it and I have come with the conclusion
> > > that it is just not worth the trouble setting up sudo in a desktop
> > > context. 
> > > 
> That depends.  If you are the only user of the system and will be the
> only one requiring root acces, then that is fine.

That's what I meant.  I am aware of the value of sudo when multiple
administrators are involved.

> > > I'll stick with plain /bin/su.
> > > 
> However, in a situation with multiple admins it is nice to have the
> logging of sudo so that you know who did what/when.

yes .. see above.

otherwise it sounds like unnecessary overhead .. making things a bit more
complicated .. and therefore a little less secure.

> > > As Paul J. -- I think -- indicated in another post .. either the gui app
> > > has been designed (and tested .. audited .. etc.) to run in privileged
> > > mode (and in this case it should take care of escalating your privileges
> > > when necessary and ask you for the root password if relevant) .. or it
> > > has not.
> > > 
> > > If it has NOT been designed to run privileged, then there is NO reason
> > > that I can think of why you should EVER want to escalate your privileges
> > > -- except possibly when testing something .. such as when you need to
> > > verify a hunch that a given application does not work correctly because
> > > you do not have proper access to a resource .. 
> > > 
> Except that many apps are GUI apps and expect that you will already have
> elevated priviledges when you run them.  The Oracle installer and the
> CrossOver Office configuration tool are two that come to mind right off
> the top of my head.

Not familiar with either. 

I forget what's it called .. "synapsis" or something .. ? but another
one that comes to mind is the GUI front-end to apt .. Wouldn't that need
to run privileged for some of its functionalities (eg. install/remove
software) .. ?

How's stuff like that supposed to work in a "strict" proof of concept
GUI environment with no *term available -- ie.  all you are allowed is
an icon on your desktop and possibly an entry in your gnome/kde menus?

Sounds like such GUI install/config tools would need to to be able
prompt the user for root's password .. or whatever group password might
be necessary..

Ah .. I guess I'll stick with my shell prompt.. all this gooey stuff is
way too complex for me.

Thanks.

cga
Reply to: