Re: [gtk-list] Re: How safe is GTK?

From: Eivind Kvedalen <eivindkv ifi uio no>
To: gtk-list redhat com
Subject: Re: [gtk-list] Re: How safe is GTK?
Date: Tue, 12 May 1998 11:39:29 +0200 (MET DST)

> The solution is to use the program as root or use it via su. Or fix gsu in
> the Gnome CVS tree, if you want all-GUI operation. The gnome-list thread
> concluded that the simple gsu fix is to hack traditional su so that it
> reads a password off stdin, then make a Gtk wrapper for the hacked su; the
> hard gsu fix is something involving PAM that the Red Hat Labs people can
> probably tell you about. The stdin fix is trivial but I haven't done it
> since it would ideally involve correspondence with the upstream su
> maintainer to get the changes merged, and people asked for PAM anyway; I
> have no idea what the PAM fix would involve so I haven't done that either.
> A volunteer is needed who understands all the issues.

The PAM thing is really easy, I think. Just one function is needed to
take care of the whole PAM-conversation. We may need to patch PAM or
make a new PAM-module if we want a GTK-frontend for the real
password-input, though. Check the lnx_pam.c/lnx_log.c or similar in the
IMAP (ipopd and friends) source-code for a nice example of how to use PAM.

Eivind

---

| Lazy on IRC     \ Mail: eivindkv@ifi.uio.no / lazy@2.to       |
| God made grass.  \ HP:   www.ifi.uio.no/~eivindkv             |
| Man made booze.   \ Tlf:  22187263 (hybel) / 90051790 (mobil) |
| Who do you trust ? \ Jobb: 22429500 / eivind@fondspartner.no  |

Follow-Ups:
- Re: How safe is GTK?
  - From: Michael K. Johnson

References:
- Re: [gtk-list] How safe is GTK?
  - From: robert havoc pennington

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]