
List:       kde-devel
Subject:    Re: kcontrol and setuid
From:       Christian Esken <c.esken () cityweb ! de>
Date:       1999-06-25 1:22:46

On Tue, 22 Jun 1999 Carlo Robazza wrote:
>Hi there,
>
>I am doing some work on kcontrol and I need a bit of help.
>
>When a user runs kcontrol and tries to modify, for example, the date
>they must enter the root password. They can then modify the date for the
>system. If they then start up another module that requires the root
>password, without having exited kcontrol, they are prompted for the root
>password again. I would like to prevent the user from having to enter
>the root password if they have already done that. In other words, if the
>user has already entered the root password, it stays active until
>kcontrol is closed down.
>
>Any thoughts?

This is very, very difficult.

Here's the easy, but bad way:
Either kcontrol or the corresponding control modules must be SUID root.
Which is very, very, very bad in terms of security --- don't do it.

Here's the better way:
Much better would be a modular concept, where you have a SUID
application starter for minimalistic specialized programs (e.g. one for
setting the clock). This application starter would have to check if
the current user is allowed to use the set-clock program.

Or use a fork-off concept, like today's kppp does.

I repeat: Never ever even think of making a program with GUI suid root.
It will most likely not make it into CVS!

  Christian

-- 
Is Unix ready for the desktop? See http://www.kde.org

The                              Christian Esken
|/  Desktop                      KDE Developer
|\  Environment                  esken@kde.org

KDE - The net transparent free Unix Desktop for everyone
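
The "SUID application starter" design described in the message above, sketched in C as an added example; it is not part of the original message and not KDE code. The helper names, paths under /usr/libexec/kde-helpers and group ids are hypothetical, and the policy (membership in one admin group per helper) is an assumption.

```c
/* Added example: minimal setuid "application starter" (all names hypothetical). */
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

struct helper { const char *name; const char *path; gid_t required_gid; };

/* Constructed policy table: fixed absolute paths, one admin group per helper. */
static const struct helper HELPERS[] = {
    { "set-clock", "/usr/libexec/kde-helpers/set-clock", 101 },
    { "set-hostname", "/usr/libexec/kde-helpers/set-hostname", 102 },
};

/* Exact-match lookup: the caller never supplies a path, only a table key. */
const struct helper *find_helper(const char *name) {
    if (name == NULL) return NULL;
    for (size_t i = 0; i < sizeof HELPERS / sizeof HELPERS[0]; i++)
        if (strcmp(name, HELPERS[i].name) == 0) return &HELPERS[i];
    return NULL;
}

/* Root is always allowed; otherwise the real gid or a supplementary group must match. */
int is_authorized(const struct helper *h, uid_t ruid, gid_t rgid,
                  const gid_t *groups, int ngroups) {
    if (h == NULL) return 0;
    if (ruid == 0 || rgid == h->required_gid) return 1;
    for (int i = 0; i < ngroups; i++)
        if (groups[i] == h->required_gid) return 1;
    return 0;
}

int main(int argc, char **argv) {
    gid_t groups[64];
    int n = getgroups(64, groups);
    const struct helper *h = find_helper(argc == 2 ? argv[1] : NULL);
    /* getuid()/getgid() return the REAL ids of the invoking user, not root. */
    if (n < 0 || !is_authorized(h, getuid(), getgid(), groups, n)) {
        fprintf(stderr, "starter: request denied\n");
        return 1;
    }
    /* Fixed argv and a constructed environment: nothing from the caller is inherited. */
    char *const args[] = { (char *)h->name, NULL };
    char *const envp[] = { "PATH=/usr/bin:/bin", NULL };
    execve(h->path, args, envp);
    perror("starter: execve");
    return 1;
}
```

The GUI stays unprivileged and only passes a helper name; the starter is the single small setuid binary to audit.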
