Am Montag, 29. Mai 2006 10:10 schrieb Iván Forcada Atienza:
>
> Well, setuid root is comfortable but: why is the use of kdesu insecure??
> I personally don't like setuid root (no special reason). I prefer the
> use of sudo instead because it allows a more fine-grained permissions
> control.
>

Ouch, no I didn't said that the use of kdesu is insecure, but it is insecure 
to run a process with root privileges that only needs this privileges for a 
small, temporary part.  It is better to isolate the root privileges to a 
small process that has a short lifetime and that you can control better.

I don't know the exact policies of identity switching but the best way to do 
something  is to have clear constraints.
 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<