Re: Kernelconfiguration with control-center ui ?



On Mon, Dec 21, 1998 at 04:57:38PM -0500, Gleef scribbled:
> 
> >   On another note, it just occurred to me that there are a lot of times when
> > a Gnome program might need superuser privileges.  With the freeze it's
> > probably too late, but could the next version of Gnome maybe include some
> > sort of helper function to exec a program as root (or another user) which would
> > either do it in a configurable way (ie, use su..sudo..whatever..prompt for
> > a password..) or else pop up a dialog saying you don't have access to do X?
> > In fact, I guess that could even be an app..gsudo..(this line of thought
> > was sparked by the fact that only root--on my system at least--can run
> > make *config in the kernel tree, even without saving..)
> 
> Programs like sudo encourage sloppy administration.  Sloppy administration
> encourages security holes.  
> 
> Try this instead.  I have a group on my system called wheel, which
> contains any account I want to do source installations from.  I made
> /usr/src, /opt and /usr/local owned by root:wheel and group writable.
> Now, in my user account, I can untar packages into /usr/src, compile them,
> and install them in either /opt or /usr/local.  I also gave wheel write
> privileges to ld.so.cache, so I can run ldconfig.  Users are still
> prevented from system stuff, and I'm prevented from botching up /bin,
> /sbin, /usr/bin, /usr/sbin, most of the /etc directory, and other things
> that I don't want to risk screwing up.  The only thing I can't do is
> install a package that automatically changes the owner on the file (like
> many games).  If I somehow come across a trojan, I can't do most root
> stuff, so my system is safer.
> 

  Hmm, good points.  But I still think a helper would be a good idea.  The
main reason is that (as I understand) Gnome is supposed to make Linux more
accessible to less technical people.  However, there are some things that
only root can do, even in your system, that people will want to do a lot
of.  Two examples that come to mind are installation of binary packages and
shutting down or rebooting the computer (yes I know that you can leave
your computer on 24-7, I do it all the time, but some people want to turn
it off).  Currently Gnome provides programs to do this--or will--but you
need to have run gnome-session and panel as root, or have a root-getting
program installed, to use them _easily_.  (unless shutdown/reboot is being
installed suid root which sounds Bad to me.)  A good implementation of
auto-root-getting would allow the user to configure how it is done, and
to turn it off entirely.  So on a system where security is tight, you
can disable it--in fact, don't even install su or sudo--but on my
father's computer I can turn it on.  In this case, a user trying to do something
he or she does not have permission for--for example, if I try to use gnome-apt
to remove or install packages without being authorized to become root--will
just get an error dialog.

  Does anyone else think this is a decent idea, or am I totally off my rocker?

-- 
  Daniel Burrows

  Nothing is hopeless.

  PROOF:
(a) Assume the opposite.
(b) If something _is_ hopeless, then its condition can only improve.
(c) If its condition can only improve, then there must be hope for it.
(d) Therefore, nothing is hopeless.  QED.
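
The root:wheel, group-writable layout described in the quoted message can be audited with a short script, given here as an added example that is not part of the original thread. The function name and the setgid check are assumptions of this example: without setgid on the directory, files created there take the creator's primary group on Linux rather than wheel.

```shell
#!/bin/sh
# Added example (not from the thread): audit a directory against the
# "owned by root:wheel and group writable" layout from the quoted message.
# check_delegated is a hypothetical helper name.

# check_delegated DIR OWNER GROUP
# Prints "ok" and returns 0 when DIR matches. Otherwise prints one finding
# per line and returns 1 (or 2 when DIR is not a directory).
check_delegated() {
    cd_dir=$1; cd_owner=$2; cd_group=$3; cd_rc=0
    [ -d "$cd_dir" ] || { echo "not-a-directory"; return 2; }

    # ls -ld fields: mode string, link count, owner, group, ...
    set -- $(LC_ALL=C ls -ld "$cd_dir")
    cd_mode=$1; cd_have_owner=$3; cd_have_group=$4

    # Mode string positions: 6 = group write, 7 = group exec/setgid,
    # 9 = other write (e.g. drwxrwsr-x).
    cd_gw=$(printf '%s' "$cd_mode" | cut -c6)
    cd_sg=$(printf '%s' "$cd_mode" | cut -c7)
    cd_ow=$(printf '%s' "$cd_mode" | cut -c9)

    [ "$cd_have_owner" = "$cd_owner" ] || { echo "owner=$cd_have_owner"; cd_rc=1; }
    [ "$cd_have_group" = "$cd_group" ] || { echo "group=$cd_have_group"; cd_rc=1; }
    [ "$cd_gw" = "w" ] || { echo "not-group-writable"; cd_rc=1; }
    # World-writable would extend the delegation to every local account.
    [ "$cd_ow" != "w" ] || { echo "world-writable"; cd_rc=1; }
    # Assumption of this example: setgid is wanted so new files inherit the
    # directory's group instead of the creator's primary group.
    case $cd_sg in
        s|S) ;;
        *) echo "no-setgid"; cd_rc=1 ;;
    esac

    if [ "$cd_rc" -eq 0 ]; then echo "ok"; fi
    return "$cd_rc"
}

# Usage on the directories named in the message:
#   for d in /usr/src /opt /usr/local; do
#       printf '%s: ' "$d"; check_delegated "$d" root wheel
#   done
```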


