Re: Objections [Was: GNOME System Monitor will use libgnomesu]

[Hongli Lai <h lai chello nl>]

Jeff Waugh wrote:
> Unfortunately, it *doesn't* fill the gap. The sudo support has just been
> removed

For technical reasons. As I've pointed out in earlier emails, the only 
way to communicate with sudo correctly (without changes to sudo) is by 
using a "helper application": you run
sudo /usr/libexec/helper-app your_command
If the login succeeded, then helper-app will print SUCCESS (so the 
parent will know that it succeeded), and then run your_command.
If it fails, sudo exits. The parent notices that there is no SUCCESS, so 
it will know the login failed. This is the same approach used by 
gnome-sudo (I think that's what the program was called).

However, this has one huge disadvantage: /etc/sudoers is effectively 
useless! Every single command has to be run via helper-app. You cannot 
control what app the user is allowed to run. This turns sudo into a su 
that asks for your password instead of the root password. Is that what 
you want?

If you know a better way to communicate with sudo, please tell me.


> libgnomesu is not being used by any other module,
> and there are stated objections to it.

I've already answered most of the objections, but I still haven't 
received a reply for many of my answers...


> So, my personal feeling is that adding libgnomesu to the Desktop release is
> inappropriate at this stage (for design reasons, but also because there's
> only one module using it at this stage), and that procman should only
> optionally depend on it, if at all. Sorry.

In other words, nothing will be done - yet again. What's wrong with 
using libgnomesu now so users at least have something that works better 
than the current procman password dialog, and then replacing libgnomesu 
with something better, when that "something better" has actually been 
written?