Re: GnoRPM feature and Re: Gnome su

From: Tim Moore <tmoore tembel org>
To: Erik Walthinsen <omega cse ogi edu>
Cc: Federico David Sacerdoti <fds offm62 wuh wustl edu>, Vincent Harvey <vharvey mcs net>, gnome-list gnome org, recipient list not shown: ;
Subject: Re: GnoRPM feature and Re: Gnome su
Date: 23 Apr 1999 20:17:39 -0400

>>>>> Erik Walthinsen writes:

> On Thu, 22 Apr 1999, Federico David Sacerdoti wrote:
>> I believe PAM could be used for the authentication. The benefit would be
>> that a normal user could quickly manipulate packages without bringing up a
>> terminal.

> This would mean gnorpm has to be setuid root.  Not so cool.  A much better
> way to do it would be to have a separate, audited setuid program, hmm,
> sounds like su/sudo...  Sounds like gsu (if it's what I think it is).

Best of all, when a user asks gnorpm to do something they don't have
the permissions for, it could call gsu on a small helper program
(e.g. rpm itself).  To the user, it would just look like they tried to
install a package, and had to enter the root password to do so.
Gnorpm wouldn't have to do authentication itself, and you wouldn't
have to quit and restart it if you forgot to become root.

Tim Moore

References:
- Re: GnoRPM feature and Re: Gnome su
  - From: Erik Walthinsen

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]