Re: Gnome replacement for kdesu



When Mandrake 70 was beta-testing I wrote them because in the GNOME menu
they were calling 'gsu -c superapp' for some app which required root
privledges. Below are a couple of the responses I received.
-------------------------------------

Brian J. Murrell wrote:
It is my impression that kdesu is considered safe where as gsu is not. 
        This probably lies in the fact that (IIRC) kdesu does not
actually
        implement any granting of privellege as it relies on "su" to do
that. 
        Nobody wants to fix/audit gsu, as it does all of the privellege
granting
        itself.


DindinX (odin@mandrakesoft.com) wrote:
    I had a look at the kdesu code. Basically, it opens a virtual
terminal,
        start su in this terminal, and use the terminal to pipe the
passwd to su,
        since echo passwd | su is forbidden.

          The problem is that it use some KDE internals to open the term
(Kterm or
        something like this)

          Not an easy thing to emulate with Gnome AFAIK.
-------------------------------------

They appeared to not trust gsu and the solution was to replace the menu
entry calling gsu with one calling kdesu. Anyone have any more
information on the security of gsu?

-- 

Steve Fox
http://k-lug.com



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]