Re: Super User Launcher

From: David Puryear <dayear codenet net>
To: gnome-list gnome org
Subject: Re: Super User Launcher
Date: Tue, 16 Mar 1999 09:04:56-0000 (/etc/localtimePíØöÿ¿y{

On 16-Mar-99 Adrian Hosey wrote:
>: 
>: I'll write it.  I will hack the gnome-run launcher.  It will store a
>: password in a dot file on your home directory.  Tell me if that is what
>: you have in mind.  I can also make it so it will run in a console for
>: scripting.  It may be a week or two before its done. Let me know what you
>: think.
> 
> Why record the root password in plain text? Since the launcher is
> running UID 0, it is sufficient to record a note that user U has
> successfully authenticated as root in the last X minutes, preferrably
> where X is a configurable value. This is how sudo does it.

How is xhost +a going to be handled? Is this safe? I mean having your password
in a text file? Please do consider all the security issues before doing
something like this. IMHO, the gnome-run should not do this since if a user
needs to be a root, she/he can just as easily do "su -l" in any
Xterm/Eterm/Gnome-terminal/and so on, which I think is safer.

        Regards,
        David

References:
- Re: Super User Launcher
  - From: Adrian Hosey

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]