Re: GNOME and superuser (privilege raising) integration

[Sean Middleditch <elanthis awesomeplay com>]

On Tue, 2003-05-13 at 17:01, Hongli Lai wrote:
> On Tuesday 13 May 2003 22:50, Sean Middleditch wrote:
> > On Tue, 2003-05-13 at 16:43, Hongli Lai wrote:
> > I think perhaps you only read the first thign I said and didn't bother
> > with the rest?  ;-)
> > ...
> > Again, read all my mail, not select bits.
> 
> OK now I lost the track. -_-
> (I'm pretty sure I've read your entire email.)

Sorry.  I'm farily srue I explained my reasoning on all this, it gives
the impression it was skipped over.  Perhaps my (not so) wonderful
communication skills are failing me again.  ~,^

> 
> 
> >  Libsu-run could be platform
> > specific.  ON PAM-based platforms, use PAM.  On passwd-shadow platforms,
> > use that.  Use HP-UX's specific stuff there, or Irix's specific stuff on
> > that platform.  You _are_ allowed to do that.
> >
> > You can't write one routine/procedure that works everywhere for this.
> > You can write several different ones and compile/install the proper one
> > for the platform you are building on.  You already said you planned this
> > for your library - what makes you think this wouldn't work for a
> > separate exectuable?
> 
> I don't get this anymore. My library is already seperated in different 
> "backends". One high-level API finds out which backend is the best for the 
> system and uses that backend. How that any different?

Because the backend must have a separate process running as root to
operate.  Move the whole thing to a separate binary, remove security
related code from the application themselves, and solve the whole
problem in one place - the special binary.  Provide a little one-liner
function for launching it for apps.

I _don't_ want Nautilus, the Panel, or anything else to be setuid root
just so they can authenticate a root password dialog for a time config
app.  ;-)

-- 
Sean Middleditch <elanthis awesomeplay com>
AwesomePlay Productions, Inc.