[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Root privilege (SOLVED)

On Wed, Jan 10, 2007 at 02:31:32PM EST, Paul Johnson wrote:
> cga2000 wrote:
> 
> > On Tue, Jan 09, 2007 at 06:37:01PM EST, Roberto C. Sanchez wrote:
> >> On Tue, Jan 09, 2007 at 06:28:05PM -0500, cga2000 wrote:
> >> > > 
> >> > > Pardon my ignorance .. I do my best to stay away from gui apps ..
> >> > > 
> >> Unfortunately, some things flat out require a GUI.
> > 
> > Unfortunately?
> > 
> > :-)
> 
> Yes, this is the right word.  GUIs frequently sacrifice security,
> flexibility and functionality in favor of being relatively drool-proof. 
> Sacrificing security at the root level is never the brightest idea around.

Nicely put.

> > I forget what's it called .. "synapsis" or something .. ? but another
> > one that comes to mind is the GUI front-end to apt .. Wouldn't that need
> > to run privileged for some of its functionalities (eg. install/remove
> > software) .. ?
> 
> kpackage can call su from within itself and prompt the user for password as
> needed.

Mind you, and this is not directly related to the above, I sometimes
have this bizarre feeling that much of this awkwardness we have to deal
with -- in X certainly .. but from the linux console as well, albeit to
a lesser extent -- eventually boils down to the *NIX model not having
been designed from the ground up with security in mind.

I just cannot see why you should need something extreme such as root
access to install/maintain software.  Maybe that with some contortions
this could be achieved within the *NIX security model by defining a
privileged group and making sure software packaging takes this into
account .. maybe not.  Not for me to decide.

:-)

> > How's stuff like that supposed to work in a "strict" proof of concept
> > GUI environment with no *term available -- ie.  all you are allowed is
> > an icon on your desktop and possibly an entry in your gnome/kde menus?
> 
> Root gets the "failsafe" option for X by default?  xterm is mandatory in an
> X install, IIRC.

Please refer to what Roberto has to say about pointy-head activity in
the enterprise.  In the enterprise world there is no guarantee that some
dude will not decide at some point that it's his best interest that
*term's are the devil's work and have them autdafe'd at the earliest
opportunity.

But I was talking "proof of concept" .. in the world of the average
to-the-gui-born user .. and thinking in terms of CD/DVD's  that you just
pop in .. say "yes" to the eula .. click the "next" button a few time ..
done.. 

Not likely _that_ crowd would like the idea of starting an xterm..
typing in a command to launch the installer .. etc.  etc.

As such I find the X gui model incomplete and although having gui
installers assume you already have root authority prior to launching
them may be a lesser evil than the proliferation of password-prompting
code in the wrong places .. I'm rather convinced by Roberto's
argumentation .. I find that it's just one more good reason why I'd
rather stick to the non-gui interface.

Thanks much for your comments .. food for thought .. enlightening ..

Thanks.

cga
Reply to: