Re: Using gconf in setuid program?



On Wed, 2005-06-29 at 08:03 -0400, David Zeuthen wrote:
> On Jun 29, 2005, at 3:42 AM, Mark McLoughlin wrote:

> >     In that case, then, you it not make sense for gnome-mount to  
> > just read
> > the policy from GConf and pass it to the helper via the command  
> > line or
> > environment?
> 
> But this would break for mandatory settings because the setuid helper  
> cannot really trust gnome-mount (or anyone else invoking the the  
> setuid helper). So the setuid helper really needs to check this himself.

	Yeah, good point. Forking a process, dropping back to the original uid
and exec()ing gconftool-2 to check the key may be the best option as you
say.

	Thinking it through, I can't see any obvious problems, but it all makes
me fairly nervous.

Cheers,
Mark.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]