[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: security vs. usability
From:       Martijn Klingens <mklingens () yahoo ! com>
Date:       2001-02-06 13:38:52
[Download RAW message or body]

On Tuesday 06 February 2001 12:18, Stephan Kulow wrote:
> > user who doesn't have much of a clue, and also doesn't have any users he
> > doesn't trust (e.g. home user with his family).
>
> Tja, then he has a problem and will have to use kdesu with password
> caching.

I don't have the problem myself but if I had to share my computer with others 
I wouldn't like to give away my root password. My brother doesn't know how to 
hack a suid app, but a plain root password is just *begging* to be abused. 
Maybe a kde shell to sudo isn't bad after all because it would allow just 
_SOME_ apps with root prevs and optionally without password. Unfortunately 
that will never make it into 2.1 obviously.

For now I'd choose the secure approach that we have now and suggest we 
improve the security scheme asap after 2.1

Martijn

[prev in list] [next in list] [prev in thread] [next in thread]