Re: GnoRPM feature and Re: Gnome su



>>>>> Erik Walthinsen writes:

> On Thu, 22 Apr 1999, Federico David Sacerdoti wrote:
>> I believe PAM could be used for the authentication. The benefit would be
>> that a normal user could quickly manipulate packages without bringing up a
>> terminal.

> This would mean gnorpm has to be setuid root.  Not so cool.  A much better
> way to do it would be to have a separate, audited setuid program, hmm,
> sounds like su/sudo...  Sounds like gsu (if it's what I think it is).

Best of all, when a user asks gnorpm to do something they don't have
the permissions for, it could call gsu on a small helper program
(e.g. rpm itself).  To the user, it would just look like they tried to
install a package, and had to enter the root password to do so.
Gnorpm wouldn't have to do authentication itself, and you wouldn't
have to quit and restart it if you forgot to become root.

Tim Moore



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]