Re: GNOME and superuser (privilege raising) integration



On Wed, 2003-05-14 at 01:48, Hongli Lai wrote:
> On Wednesday 14 May 2003 01:20, Sean Middleditch wrote:
> > Because the backend must have a separate process running as root to
> > operate.  Move the whole thing to a separate binary, remove security
> > related code from the application themselves, and solve the whole
> > problem in one place - the special binary.  Provide a little one-liner
> > function for launching it for apps.
> 
> In other words, instead of talking to su/sudo, create a new setuid root binary 
> that uses a different way to communicate?
<snip/>

> 
> They don't have to be setuid root. They just talk to su/sudo.

Right. I thought you wanted a bunch of different backends?  PAM on some
systems, su on others, etc.?  To get the full flexibility of PAM when
available?  (Since su is rather, well, black and white.)

> _______________________________________________
> desktop-devel-list mailing list
> desktop-devel-list gnome org
> http://mail.gnome.org/mailman/listinfo/desktop-devel-list
> 





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]