Re: Using gconf in setuid program?
- From: Mark McLoughlin <markmc redhat com>
- To: David Zeuthen <david fubar dk>
- Cc: gconf-list gnome org
- Subject: Re: Using gconf in setuid program?
- Date: Wed, 29 Jun 2005 13:30:08 +0100
On Wed, 2005-06-29 at 08:03 -0400, David Zeuthen wrote:
> On Jun 29, 2005, at 3:42 AM, Mark McLoughlin wrote:
> > In that case, then, you it not make sense for gnome-mount to
> > just read
> > the policy from GConf and pass it to the helper via the command
> > line or
> > environment?
>
> But this would break for mandatory settings because the setuid helper
> cannot really trust gnome-mount (or anyone else invoking the the
> setuid helper). So the setuid helper really needs to check this himself.
Yeah, good point. Forking a process, dropping back to the original uid
and exec()ing gconftool-2 to check the key may be the best option as you
say.
Thinking it through, I can't see any obvious problems, but it all makes
me fairly nervous.
Cheers,
Mark.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]