Re: GNOME and superuser (privilege raising) integration
- From: Sean Middleditch <elanthis awesomeplay com>
- To: desktop-devel-list gnome org
- Subject: Re: GNOME and superuser (privilege raising) integration
- Date: 14 May 2003 09:12:21 -0400
On Wed, 2003-05-14 at 01:48, Hongli Lai wrote:
> On Wednesday 14 May 2003 01:20, Sean Middleditch wrote:
> > Because the backend must have a separate process running as root to
> > operate. Move the whole thing to a separate binary, remove security
> > related code from the application themselves, and solve the whole
> > problem in one place - the special binary. Provide a little one-liner
> > function for launching it for apps.
> In other words, instead of talking to su/sudo, create a new setuid root binary
> that uses a different way to communicate?
> They don't have to be setuid root. They just talk to su/sudo.
Right. I thought you wanted a bunch of different backends? PAM on some
systems, su on others, etc.? To get the full flexibility of PAM when
available? (Since su is rather, well, black and white.)
> desktop-devel-list mailing list
> desktop-devel-list gnome org
] [Thread Prev