Re: Gnome replacement for kdesu



Hi there...
Havoc Pennington wrote:

> Steve Fox <drfickle@k-lug.com> writes:
> > They appeared to not trust gsu and the solution was to replace the menu
> > entry calling gsu with one calling kdesu. Anyone have any more
> > information on the security of gsu?
> >
>
> We have never shipped gsu (well, the source ships but doesn't get
> built). So I don't know what they are talking about. gsu basically
> does not exist in production form.
>
> The version of gsu in CVS has a helper program which is basically a
> cut-and-paste of su, but it talks over a pipe instead of a terminal,
> for convenience. This is pretty much the same design as kdesu.

Perhaps the best way to encourage gsu to be security audited by someone who
knows what they are doing is to ship it in this next release with a large
"IF YOU ARE RUNNING THIS YOU ARE CRIMINALLY INSANE" notice (possibly without
the setuid bit set on the helper app so people who don't know how to make it
work can't). Hopefully someone who knows about this sort of thing would then
notice =) If it is as you say a cut and paste of su, then auditing the
changes should not be that hard.

=)
Peter


>
>
> Havoc
>
> --
>         FAQ: Frequently-Asked Questions at http://www.gnome.org/gnomefaq
>          To unsubscribe: mail gnome-list-request@gnome.org with
>                        "unsubscribe" as the Subject.


