Re: Using gconf in setuid program?

On Jun 29, 2005, at 3:42 AM, Mark McLoughlin wrote:

On Tue, 2005-06-28 at 19:59 -0400, David Zeuthen wrote:

Well, ideally the setuid program wants to see exactly the same settings as the user sees (e.g. mandatory > per-user > defaults) to enforce the
same policy as the rest of the bits using these keys.

    Ah, I presumed you wanted the mount helper to implement some
system-wide policy which you didn't want the user to be able influence.

Well, I just want it to see the same setting as the rest of the desktop. This setting is system-wide and mandatory (or site-wide depending on your gconf backend choice, right?) only if the setting is in /etc/gconf/gconf.xml.mandatory. In the event it isn't it's a user setting.

So, I want to support both scenarios.

(specifically, for the mount application I'm looking at both actually makes sense - in a typical "home user" install the key can_mount_internal_hard_drives is set to FALSE but can be modified by any user (it's FALSE because we may wrongly detect internal ataraid drives as data partitions - bad), however in an, say, in a typical "kiosk" or "enterprise" install the sysadm want to lock this or another setting (such as can_mount_external_drives_rw) down.

In that case, then, you it not make sense for gnome-mount to just read the policy from GConf and pass it to the helper via the command line or

But this would break for mandatory settings because the setuid helper cannot really trust gnome-mount (or anyone else invoking the the setuid helper). So the setuid helper really needs to check this himself.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]