Re: GTK setuid problem
- From: Robert Pearce <rob bdt-home demon co uk>
- To: gtk-list gnome org
- Subject: Re: GTK setuid problem
- Date: Tue, 20 Apr 2010 08:02:49 +0100
Hi robin,
On Tue, 20 Apr 2010 09:51:42 +0530 you wrote:
>
> My question is there any other work around for this problem?
> My need is the user should not be asked for root password each time (log
> off and log in)
> for the GTK application.
The problem is that GTK is a huge library of complex stuff that is
added to all the time, and as such is quite a likely place for security
vulnerabilities to appear. The developers therefore (quite rightly)
decided it shouldn't be run setuid. The intended way to work is to
gather the bits that really need to be setuid into a small (and
therefore probably quite secure) helper program that your big GUI can
talk to (probably through pipes, maybe through sockets).
What I don't understand is why you think "making use of socket"
requires your application to be run as root.
Rob
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]