Re: Your opinion about adding Gnome Xsu to GNOME-Utils
- From: Manuel Amador <amadorm zeus usm edu ec>
- To: Havoc Pennington <hp redhat com>
- Cc: Manuel Amador <amadorm zeus usm edu ec>, Philip Van Hoof <freax pandora be>, gnome-devel-list gnome org, nalin redhat com
- Subject: Re: Your opinion about adding Gnome Xsu to GNOME-Utils
- Date: Wed, 21 Nov 2001 14:31:22 -0500 (ECT)
AFAIK the only thing of concern is that a PAMified gnome-su would need suid bit
to run. And Xlib/GTK+ apps should not run setuid because of the \"yadda yadda
yadda possible undiscovered buffer overflows\".
One more thing:
(this is a request and a frequent one) We have different administrative tools.
Currently (in Mandrake) every tool that needs root rights ask for a root
password. What if that gnome-su could do
gnome-su --specific-pam-service XYZ /usr/bin/gnome-XYZ
so that I as an administrator can decide on different policies for different
What would the non-PAM way of doing it? Maybe making my users members of
special groups and change permissions accordingly? How about making a
that goes to a list in /etc/gnome-access and if the list contains
then it grants permission to those who satisfy privileges and asks for the root
password to those who don\'t?
Am I fantasizing? The thing is a potential solution to those apps that need,
say \"disk\" or \"audio\" or \"cdwriter\" or \"ppp\" group membership (but not
necessarily root), and when run through the GNOME panel by users who don\'t have
that membership, will fail without saying anything. Maybe the GNOME panel
needs checking permissions on the to-be-run binary beforehand, so that before
running an app it checks whether the user has permission, and if s/he doesn\'t,
pops up a dialog box that says \"you\'re not allowed\" OR pops a \"gnome-su\" for
running the app.
And maybe my app list suggestion is overkill, if the above paragraph can be
accomplished. That way we\'d get less desk support calls of the type that go \"I
click on the icon and nothing happens\".
Naturally, the same should apply to Nautilus and any app that can run others.
Maybe the icons in GNOME-panel shouldn\'t even appear should the user not have
permission to run the binary pointed to by the .desktop file. Even less
support calls (although non-privileged desktops would lose the ability to run
the app via an automatic \"gnome-su\" window).
good luck guys. I\'d like to code it myself if I had a development environment
at hand =(
Quoting Havoc Pennington <hp redhat com>:
> Manuel Amador <amadorm zeus usm edu ec> writes:
> > Is there another way to do su, like using PAM in supported
> Thinking about the PAM thing more, I think we could easily deal with a
> \"su\" app in our PAM setup - say we have gnome-su, so that .desktop
> files contain:
> gnome-su app-that-requires-root
> Then we could replace gnome-su with a no-op application that simply
> runs app-that-requires-root, and then the PAM auth kicks in.
> So if GNOME has an su app upstream it shouldn\'t break operating
> systems that have a nicer setup. Unless I\'m missing something.
Manuel Amador (Rudd-O)
] [Thread Prev