Re: How to use gksu to safely run a non-open-source application?



On Sat, Dec 18, 2004 at 06:07:11AM -0500, Jack Dodds wrote:
> My solution is to create a "non-secure" user called realplay, in a group 
> called realplay.  This user is treated as hostile, and is not given 
> access to any files of any other user.

That's not how UNIX permissions work... realplay may read, write
and execute any files it can see which allow this. For example,
a file in /home/jack with permissions rw-r--r-- can be read,
though not written to, by realplay.

You can limit the files that a user can see by placing it in a
chroot'd environment.

> Does anyone have any suggestions as to how I could more cleanly 
> implement the idea of running a potentially "hostile" GTK application 
> under its own low-privilege user id? What about the security risk of 
> having a window from a "hostile" program running under another user id 
> visible on my desktop?

Rather than using an su-alike, you may want to use a
sudo-alike. Permissions can be much finer-grained, controlled by
/etc/sudoers.

-dsr-
-- 
Nothing to sig here, move along.
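
Added example, not part of the original message: a shell check of the point about UNIX permissions made in the reply, listing what an account outside a file's owner and group (such as realplay) can read or write under a directory. It inspects mode bits only; the function names and the sample tree are constructed for illustration, and ACLs and directories above the starting point are not examined.

```shell
#!/bin/sh
# Added example (not from the original message). Reports what an unrelated
# account such as "realplay" could reach under a directory, by mode bits only.

# Files with the "other" read bit (0004). Any subtree whose directory lacks the
# "other" search bit (0001) is skipped: files inside it cannot be opened.
other_readable() {
    find "$1" -type d ! -perm -0001 -prune -o -type f -perm -0004 -print
}

# Same walk for the "other" write bit (0002).
other_writable() {
    find "$1" -type d ! -perm -0001 -prune -o -type f -perm -0002 -print
}

# Constructed sample tree standing in for a home directory.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir "$d/home" "$d/home/private"
    echo notes  > "$d/home/notes.txt";          chmod 644 "$d/home/notes.txt"
    echo key    > "$d/home/key";                chmod 600 "$d/home/key"
    echo shared > "$d/home/scratch";            chmod 666 "$d/home/scratch"
    echo secret > "$d/home/private/secret.txt"; chmod 644 "$d/home/private/secret.txt"
    chmod 755 "$d/home"
    chmod 700 "$d/home/private"   # rw-r--r-- inside, but the directory blocks it
    echo "$d"
}

sample=$(make_sample)
echo "readable by other:"; other_readable "$sample/home"
echo "writable by other:"; other_writable "$sample/home"
rm -rf "$sample"
```

Run against a real home directory, every path printed is one the low-privilege account can open without any further access being granted.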


