[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Paternalistic D-Bus Restrictions (was Re: 'Applications, Accessories, Root Terminal' fails silently)


On Jun 14, 2009, at 8:24 PM, Patrick Wiseman wrote:
On Sun, Jun 14, 2009 at 3:13 PM, Rick Thomas<rbthomas55@pobox.com> wrote: 

Bug reported as Bug#533089

Sadly, if your diagnosis is correct, it may not be fixable...

Oh well, I guess that's what "sudo -i" in a normal terminal is for...


'sudo -l' you mean?  That (or just 'su' alone) gives me root access
within a gnome-terminal, at which point I can do what I need to do.
But that also demonstrates that whatever security concerns are driving
the disabling of 'Root Terminal' from the menu are completely bogus.
And it has conveniences (not having to provide a password every time I
open a new tab, for example) which this workaround doesn't.  Oh, well,
indeed ....



I meant "-i" -- from the man page for sudo(8)
-i The -i (simulate initial login) option runs the shell specified in 
     the passwd(5) entry of the user that the command is being run as.
     The command name argument given to the shell begins with a `-' to
tell the shell to run as a login shell. sudo attempts to change to that user's home directory before running the shell. It also ini- 
     tializes the environment, leaving TERM unchanged, setting HOME,
SHELL, USER, LOGNAME, and PATH, and unsetting all other environment variables. Note that because the shell to use is determined before the sudoers file is parsed, a runas_default setting in sudoers will 
     specify the user to run the shell as but will not affect which
     shell is actually run.


And you can configure /etc/sudoers so that you never have to provide
a password.  Read the sudoers(5) man page.

I'm not clear on whether the security concerns driving this issue extend
to sub-processes running as root, or just those started as root.
I'll leave that explanation to those with a better understanding of the
issue.

Rick
Reply to: