[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: kdesu in KRASH
From: David Faure <faure () kde ! org>
Date: 1999-09-22 20:39:06
[Download RAW message or body]
On Wed, Sep 22, 1999 at 08:00:22PM +0200, Geert Jansen wrote:
> Hiya,
>
> I'd like to advocate for inclusion of kdesu in the KRASH release.
>
> KDE su features:
>
> * graphical password dialog
> * automatic X authentication
> * (rather) secure password keeping
>
> It is currently tested on:
>
> * Linux (w & w/o glibc 2.1, PAM, unix98 pty's)
> * Solaris 7 (intel)
>
> Different scenarios are possible:
>
> 1) All the way.
> KDE su gets included in kdebase and all things requiring root priviliges
> (kdm setup, kfm su, kvt su, ...) are called through kdesu.
>
> 2) Not all the way.
> KDE su in kdeuitls. It installs a new kfm su and kvt su .desktop entry.
>
> IMHO 1) would be the best because we're making a graphical desktop here
> and KDE su fits into this phylosophy.
>
> KDE su can be found in kdenonbeta. If the password keeping feature worries
> people, we could disable it by default.
>
> Please comment!
Oh yes I love that.
I really didn't want to reimplement kfmsu & kfmsu2 in konqueror.
I vote for 1) :)
Perhaps you can comment on the following bug report I got recently, and which
is very related :
Package: kfm
Version: 1.1.2
kfmsu2 calls "xhost +local:", which is insecure.
I suggest setting the XAUTHORITY environment for root to that of the user's to
securely give root access to the display:
Remove "xhost +local:" and change su:
su - root -c "XAUTHORITY=$HOME/.Xauthority; DISPLAY=$DISPLAY; \
export XAUTHORITY DISPLAY; $kfm -sw >/dev/null"
I am using both Debian Slink and Redhat 6.0 with updates.
--
David FAURE
david@mandrakesoft.com, faure@kde.org
http://www.insa-lyon.fr/People/AEDI/dfaure/index.html
KDE, Making The Future of Computing Available Today
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic