Re: Security in GNOME
- From: Havoc Pennington <hp redhat com>
- To: Cody Russell <bratsche dfw net>
- cc: Michael Dennis <miked kerneltech com>, gnome-list gnome org
- Subject: Re: Security in GNOME
- Date: Wed, 11 Aug 1999 23:06:40 -0400 (EDT)
On Wed, 11 Aug 1999, Cody Russell wrote:
>
> gnome-utils contains a program called gsu, which at the moment doesn't
> compile correctly and hasn't been audited for security. Once it has been
> security audited, then it would be safe to use in applications that would
> need root access, correct?
>
Well, you can't really use gsu *in* an application; you can use it to
launch an app that runs as root.
mkj's PAM-based stuff is way better. I think this is really something next
to impossible to do portably; so we may have to restrict a working su
solution to Unices that implement PAM (most of the free ones are at least
working on it). mkj says the PAM stuff could be modified to try to work
without PAM, but lacking a volunteer to do that we're up the creek.
gsu is still worth finishing; it is useful for some things, like:
gsu --command='gshutdown'
It really wouldn't be hard to finish, someone just needs to do it (someone
who knows a good bit about Unix, the GUI part is finished and trivial).
I'll fool with it someday, but I'm not really an expert in this area.
Havoc
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
