Re: Your opinion about adding Gnome Xsu to GNOME-Utils

If gnome-sudo is the one that spawns a hidden zvt and talks to regular /bin/su, 
then let me tell you: although it works (in certain conditions, environment and 
moon phases) it sure is a magnanimous hack.  I\'d be more inclined to do it the 
suid/PAM/etc. way.  But if that solution proves to be risky, we\'d have no other 
option but use gnome-sudo.

OTOH, we still need Panel and Nautilus to pop up a \"you don\'t have the 
privileges required to run this program\" box in case the user don\'t have 
privileges (be it from standard UNIX bitmasks or ACLs).


Quoting Eric Gillespie <epg progeny com>:

> Manuel Amador writes:
> > AFAIK the only thing of concern is that a PAMified gnome-su would
> > need suid b it to run.  And Xlib/GTK+ apps should not run setuid
> > because of the \\\"yadda yadd a yadda possible undiscovered buffer
> > overflows\\\".
> gnome-sudo does not have this problem.  Strangely, i have not gotten
> a response to a single one of my messages about it.  Not even a
> simple \"Buzz off, you\'re not part of the cabal.\"
Don\'t feel bad.  Not many people do their share of talking here.  Not to start 
a flamewar, but kde-devel runs many more comments (maybe their architecture is 
less mature or they have more to do, who knows) per hour.

Thanks for your contribution =)
> -- 
> Eric Gillespie, Jr. <*> epg progeny com
> Software Developer
> Progeny Linux Systems -
> \"I don\'t know what a Sawfish Window Manager is.\"
> _______________________________________________
> gnome-devel-list mailing list
> gnome-devel-list gnome org

   Manuel Amador (Rudd-O)

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]