Re: Proposing libgnomesu for 2.10



Jeff Waugh wrote:
<quote who="Hongli Lai">

Some additional information before anybody asks. ;)
- libgnomesu is not an authentication system - it's an abstraction around whatever system is available on the current machine.
- libgnomesu will use PAM if available.


Does libgnomesu also offer a sudo mode?

It used to, but I disabled it because I think it's impossible to use sudo efficiently. The reasons why people use sudo are:
1. People don't have to know the root password.
2. You can control what people run, using the sudoers file.

When using sudo, there is only one reliable way to find out whether the password the user entered is correct: by making sudo run a "proxy" program, that tells libgnomesu that it succeeded, and then runs whatever command is passed by libgnomesu. However, this effectively makes feature #2 useless, as everything is done through the proxy program. It's practically the same as renaming your root password to the password of the current user.

Reading sudo's output isn't an option. sudo doesn't output anything if it succeeded, and if the child process doesn't output anything either, libgnomesu will freeze until the child process ends. And if sudo succeeded, but the child process happens to output the text "Password incorrect", libgnomesu will think it failed while it succeeded.

The only way to get around this is by modifying sudo and adding a feature which allows the parent process to be notified of its status.
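
The ambiguity described in the message above, as an added example that is not part of the original post or of libgnomesu's code. It assumes a constructed stand-in helper (not sudo) and a hypothetical `STATUS_FD` notification channel of the kind the post asks for; real sudo has no such variable.

```python
import os
import subprocess
import sys

# Constructed stand-in for an elevation helper (NOT sudo): reads a password on
# stdin, then execs the target command. STATUS_FD is a hypothetical
# notification channel invented for this example.
HELPER = r'''
import os, sys
ok = sys.stdin.readline().strip() == "correct"
fd = os.environ.get("STATUS_FD")
if fd is not None:
    os.write(int(fd), b"1" if ok else b"0")
    os.close(int(fd))
if not ok:
    print("Password incorrect")
    sys.exit(1)
os.execvp(sys.argv[1], sys.argv[1:])
'''

def guess_from_output(password, cmd):
    """Output scraping: has to wait for the child to end, then match on text."""
    proc = subprocess.run([sys.executable, "-c", HELPER, *cmd],
                          input=password + "\n", capture_output=True, text=True)
    return "Password incorrect" not in proc.stdout

def auth_from_status_fd(password, cmd):
    """Dedicated status channel: one byte, written before the command runs."""
    r, w = os.pipe()
    proc = subprocess.Popen([sys.executable, "-c", HELPER, *cmd],
                            stdin=subprocess.PIPE, stdout=subprocess.DEVNULL,
                            pass_fds=(w,), env={**os.environ, "STATUS_FD": str(w)})
    os.close(w)                      # parent keeps only the read end
    proc.stdin.write((password + "\n").encode())
    proc.stdin.close()
    verdict = os.read(r, 1) == b"1"  # EOF (b"") if the helper died early
    os.close(r)
    proc.wait()
    return verdict

# Constructed child command that happens to print the failure text.
NOISY = [sys.executable, "-c", "print('Password incorrect')"]
```

With the correct password and the `NOISY` command, `guess_from_output` reports a failure even though authentication succeeded, while `auth_from_status_fd` reports the real result and can do so before the child produces any output.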


