[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: Konsole - a security vs. portability problem
From:       Alex Zepeda <garbanzo () hooked ! net>
Date:       1999-01-06 23:04:06
[Download RAW message or body]


> At least for non-Linux systems. The right way to handle the problem does not
> only depend on the OS, but also on the environment. For a single user
> workstation (as many Linux installations are), there's not security issue at
> all. For a multiuser environment, i cannot expect the sysadmin to run to set
> konsole root/suid (and thereby risking to compromize the whole system). I for
> one certainly won't do that if i were responsible for a system's security.

*shrug*.  A default X install has xterm setuid.  There are plenty of
suid-by-default X apps.  I figure if you drop root privs before you even
construct your KApp object, you're reasonably safe.

There's always the (bloated) possibility of some sort of small suid corba
daemon to handle this...

- alex

| "Contrary to popular belief, penguins are not the salvation of modern  |
| technology.  Neither do they throw parties for the urban proletariat." |
| Powered by FreeBSD                            http://www.freebsd.org/  |

[prev in list] [next in list] [prev in thread] [next in thread]