Re: Your opinion about adding Gnome Xsu to GNOME-Utils

AFAIK the only thing of concern is that a PAMified gnome-su would need suid bit 
to run.  And Xlib/GTK+ apps should not run setuid because of the \"yadda yadda 
yadda possible undiscovered buffer overflows\".

One more thing:

(this is a request and a frequent one) We have different administrative tools.  
Currently (in Mandrake) every tool that needs root rights ask for a root 
password.  What if that gnome-su could do

  gnome-su --specific-pam-service XYZ /usr/bin/gnome-XYZ

so that I as an administrator can decide on different policies for different 
administrative programs?

What would the non-PAM way of doing it?  Maybe making my users members of 
special groups and change permissions accordingly?  How about making a

  gnome-check-access /usr/bin/someapp

that goes to a list in /etc/gnome-access and if the list contains

   /usr/bin/someapp needs-disk-group-membership
   /usr/bin/userhelper okay-for-everyone

then it grants permission to those who satisfy privileges and asks for the root 
password to those who don\'t?

Am I fantasizing?  The thing is a potential solution to those apps that need, 
say \"disk\" or \"audio\" or \"cdwriter\" or \"ppp\" group membership (but not 
necessarily root), and when run through the GNOME panel by users who don\'t have 
that membership, will fail without saying anything.  Maybe the GNOME panel 
needs checking permissions on the to-be-run binary beforehand, so that before 
running an app it checks whether the user has permission, and if s/he doesn\'t, 
pops up a dialog box that says \"you\'re not allowed\" OR pops a \"gnome-su\" for 
running the app.

And maybe my app list suggestion is overkill, if the above paragraph can be 
accomplished.  That way we\'d get less desk support calls of the type that go \"I 
click on the icon and nothing happens\".

Naturally, the same should apply to Nautilus and any app that can run others.  
Maybe the icons in GNOME-panel shouldn\'t even appear should the user not have 
permission to run the binary pointed to by the .desktop file.  Even less 
support calls (although non-privileged desktops would lose the ability to run 
the app via an automatic \"gnome-su\" window).

good luck guys.  I\'d like to code it myself if I had a development environment 
at hand =(

Quoting Havoc Pennington <hp redhat com>:

> Manuel Amador <amadorm zeus usm edu ec> writes:
> > Is there another way to do su, like using PAM in supported
> platforms?
> Thinking about the PAM thing more, I think we could easily deal with a
> \"su\" app in our PAM setup - say we have gnome-su, so that .desktop
> files contain:
>  gnome-su app-that-requires-root
> Then we could replace gnome-su with a no-op application that simply
> runs app-that-requires-root, and then the PAM auth kicks in.
> So if GNOME has an su app upstream it shouldn\'t break operating
> systems that have a nicer setup. Unless I\'m missing something.
> Havoc

   Manuel Amador (Rudd-O)

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]