Re: Rebooting the System
- From: Justin Clift <justin postgresql org>
- To: Liam R E Quin <liam holoweb net>, Gtk <gtk-app-devel-list gnome org>
- Cc:
- Subject: Re: Rebooting the System
- Date: Fri, 14 Apr 2006 12:06:28 +1000
Liam R E Quin wrote:
On Thu, 2006-04-13 at 15:59 +1000, Justin Clift wrote:
Liam R E Quin wrote:
<snip>
Root password should not be prompted for in a
gtk-engine-themed window, of course...
<snip>
Out of curiosity, why is this bad?
A gtk+ theme engine is a piece of executable code (usually in C)
that can live in the user's login directory, not root's.
So you could write a gtk+ theme that (for example) captures
keystrokes and saves them to a file.
Note that most Gtk+ themes don't work this way, and even
when they do, the theme engine is usually in a "trusted
directory", e.g. under /usr/share somewhere.
Investigate consolehelper, perhaps.
Exactly why I asked. On RH systems, it appears to be broken into a user
level GUI prompter that asks for the root password, and a privileged
component that does the authentication and task.
Not being aware of the GTK theme engine problem you mentioned above, I
didn't look at that side of things closely at the time. Guess they'd
have to do the above but not use theming somehow. ;)
Thanks for heads up Liam.
Regards and best wishes,
Justin Clift
Liam
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
