Re: Root privilege (SOLVED)
On Wed, Jan 10, 2007 at 02:31:32PM EST, Paul Johnson wrote:
> cga2000 wrote:
>
> > On Tue, Jan 09, 2007 at 06:37:01PM EST, Roberto C. Sanchez wrote:
> >> On Tue, Jan 09, 2007 at 06:28:05PM -0500, cga2000 wrote:
> >> > >
> >> > > Pardon my ignorance .. I do my best to stay away from gui apps ..
> >> > >
> >> Unfortunately, some things flat out require a GUI.
> >
> > Unfortunately?
> >
> > :-)
>
> Yes, this is the right word. GUIs frequently sacrifice security,
> flexibility and functionality in favor of being relatively drool-proof.
> Sacrificing security at the root level is never the brightest idea around.
Nicely put.
> > I forget what's it called .. "synapsis" or something .. ? but another
> > one that comes to mind is the GUI front-end to apt .. Wouldn't that need
> > to run privileged for some of its functionalities (eg. install/remove
> > software) .. ?
>
> kpackage can call su from within itself and prompt the user for password as
> needed.
Mind you, and this is not directly related to the above, I sometimes
have this bizarre feeling that much of this awkwardness we have to deal
with -- in X certainly .. but from the linux console as well, albeit to
a lesser extent -- eventually boils down to the *NIX model not having
been designed from the ground up with security in mind.
I just cannot see why you should need something extreme such as root
access to install/maintain software. Maybe that with some contortions
this could be achieved within the *NIX security model by defining a
privileged group and making sure software packaging takes this into
account .. maybe not. Not for me to decide.
:-)
> > How's stuff like that supposed to work in a "strict" proof of concept
> > GUI environment with no *term available -- ie. all you are allowed is
> > an icon on your desktop and possibly an entry in your gnome/kde menus?
>
> Root gets the "failsafe" option for X by default? xterm is mandatory in an
> X install, IIRC.
Please refer to what Roberto has to say about pointy-head activity in
the enterprise. In the enterprise world there is no guarantee that some
dude will not decide at some point that it's his best interest that
*term's are the devil's work and have them autdafe'd at the earliest
opportunity.
But I was talking "proof of concept" .. in the world of the average
to-the-gui-born user .. and thinking in terms of CD/DVD's that you just
pop in .. say "yes" to the eula .. click the "next" button a few time ..
done..
Not likely _that_ crowd would like the idea of starting an xterm..
typing in a command to launch the installer .. etc. etc.
As such I find the X gui model incomplete and although having gui
installers assume you already have root authority prior to launching
them may be a lesser evil than the proliferation of password-prompting
code in the wrong places .. I'm rather convinced by Roberto's
argumentation .. I find that it's just one more good reason why I'd
rather stick to the non-gui interface.
Thanks much for your comments .. food for thought .. enlightening ..
Thanks.
cga
Reply to: