Re: Porposing libgnomesu for 2.10

From: James Henstridge <james jamesh id au>
To: John McCutchan <ttb tentacle dhs org>
Cc: desktop-devel-list gnome org
Subject: Re: Porposing libgnomesu for 2.10
Date: Thu, 28 Oct 2004 23:18:20 +0800

John McCutchan wrote:

Could we get similar behavior to RedHat's pam_timestamp by using
gnome-keyring to store the password for a certain amount of time?

You could, but it wouldn't be secure. While the keyring is unlocked,any application could read the root password. Any scheme of that sortwill be difficult/impossible to secure.

With pam_timestamp and sudo, it doesn't store the root password betweeninvocations -- instead it stores timestamp files in a directory the usercan't write to. If the timestamp is sufficiently recent it doesn'tprompt for the password.


James.

Follow-Ups:
- Re: Porposing libgnomesu for 2.10
  - From: Hongli Lai

References:
- Porposing libgnomesu for 2.10
  - From: Hongli Lai
- Re: Porposing libgnomesu for 2.10
  - From: Hongli Lai
- Re: Porposing libgnomesu for 2.10
  - From: John McCutchan

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]