Re: GnoRPM feature and Re: Gnome su
- From: James Henstridge <james daa com au>
- To: Federico David Sacerdoti <fds offm62 wuh wustl edu>
- cc: Vincent Harvey <vharvey mcs net>, gnome-list gnome org, recipient list not shown: ;
- Subject: Re: GnoRPM feature and Re: Gnome su
- Date: Fri, 23 Apr 1999 08:41:17 +0800 (WST)
I would prefer to leave any user authentication out of gnorpm. Currently
gnorpm allows you to start an install from the command line (and it adds a
few items to the context menu for RPMs in GMC). It would be better to
change those context menu commands to something like 'gsu -c "gnorpm -i
%f"', when gsu is audited and considered moderately safe. This would
probably also remove another reason for someone to login directly as root.
James.
--
Email: james@daa.com.au
WWW: http://www.daa.com.au/~james/
On Thu, 22 Apr 1999, Federico David Sacerdoti wrote:
>
> In the same vein as the comment below I have a suggestion for gnorpm.
> Would it be possible to prompt the user for the root password when they
> attempt to install an rpm package as a normal user.
>
> One use case would be the following. A user right-clicks an RPM icon in
> gmc and selects "install this RPM". A dialog pops up prompting the user
> for the root password for the install. If the password is correct, the
> install is performed and the user is notified of the result.
>
> I believe PAM could be used for the authentication. The benefit would be
> that a normal user could quickly manipulate packages without bringing up a
> terminal.
>
> -FDS
>
> On Wed, 21 Apr 1999, Vincent Harvey wrote:
>
> > I while ago I mentioned possibly making a modification to gnome-run so
> > users could run certain apps (like gnorpm and gmc) as root, after
> > giving a password. I just now noticed that in the CVS server, there
> > has been a program called gsu, in gnome-utils/mini-utils.
> >
> > It currently is not secure (at least it hasn't been audited), though
> > as it is now, maybe a few finishing touches could be made, so it could
> > be usable for a single user, or in someone's home. I would recommend
> > seperating this package from gnome-utils, as a utility for those
> > willing to take the security risk. Maybe it could install *.desktop
> > files for programs like gshutdown and gmc (this also assumes gmc can
> > open a single window without making desktop icons).
> >
> > --------------
> > Vincent Harvey
> > http://www.mcs.net/~vharvey (don't go here now, still problems)
> >
> >
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]