Re: GNOME and superuser (privilege raising) integration

From: Philip Van Hoof <spam freax org>
To: Hongli Lai <h lai chello nl>
Cc: desktop-devel-list gnome org
Subject: Re: GNOME and superuser (privilege raising) integration
Date: Tue, 13 May 2003 21:23:43 +0200

Hongli Lai wrote:

What do you think? Will this ever get the chance to be integrated in GNOME? Ifnot, what wrong with it? Is there any reason to reject this instead ofaccepting and incrementally fixing it?

Hi there, let me first introduce myself: I have been the author of GNOMExsu which has new renamed to GNOME SuperUser and is now being maintainedby Mark Finlay (I think Mark is on this list to).<http://xsu.sourceforge.net/>

Most issues with the wrapping of the "su" application and integratingsuch applications with GNOME are

1) Security issues. The best way is to use a SUID-root non-Gtk+application in stead of passing the password to "su" using aterminal-widget. However, some people dislike the idea of having_another_ SUID-root application and like the idea of using the standard"su" -or "sudo" command for this purpose. (Problem: su and sudo requirea terminal for typing in the password -you cannot use a pipe for this-).Faking a terminal-widget might introduce security-issues.

2) The fact that not every Operating System that can host GNOME/Gtk+applications really needs a superuser utility (Gtk+ and GNOME also workon -older versions of- Windows) nor/or has such a utility. Adding thelibrary to GNOME would add a impossible dependancy for some OperatingSystems -and environments.

However, I _do_ like your idea and I _do_ think that it should beintegrated with GNOME. Why? Because that way applications (likenautilus) and distrubutions (like RedHat) can then start using it instead of inventing their own SuperUser-protocol. I also think that thislibrary should not be GNOME-only; in stead should be available for "all"applications (so also KDE -and Console applications)... (PAM ?) and easyfor developers to start using it. Maybe the people at freedesktop.orgshould agree on such a protocol? Talking to them might be a good idea (Ihave not checked but it is possible that they are already working onthis issue).

libgnomesu can be downloaded at this URL. It's mostly finished.
http://members1.chello.nl/~h.lai/libgnomesu-0.9.tar.gz

--
Philip Van Hoof
me at freax dot org
http://www.freax.eu.org

Follow-Ups:
- Re: GNOME and superuser (privilege raising) integration
  - From: Hongli Lai
- Re: GNOME and superuser (privilege raising) integration
  - From: MArk Finlay

References:
- GNOME and superuser (privilege raising) integration
  - From: Hongli Lai

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]