Mika Hanhijärvi yazmış: > I have reproduced this bug too. > > Ian Jackson wrote: > >> The purpose of the password >> prompt is to make it harder to trick a user into installing a rogue >> package - thus it is a security feature which should not just be >> removed. > > I can't test this because as was said Debian's version of gksu doesn't > have --always-ask-pass argument. But if I understand it correctly that > argument tells gksu to ask password always, even if the password is > already cached by the system for the current desktop session. Am I > right? If that's the case then I don't understand how it would be a > problem if gdebi is patched so that it does not try to pass that > argument to gksu. In Debian root password is cached for the desktop > session by default anyway. Etch has also gdebi, and it works just fine > on Etch. Obviously Etch version of gdebi does not need or use that > --always-ask-pass argument. Also many of the Debian Gnome desktop's > system configuration tools are started using gksu and those tools don't > need that --always-ask-pass argument. > >> It is not IMO release critical since the program works perfectly >> well when run as root. > > Do you mean like this?: > # gdebi <package> > > I think gdebi is useless if used that way, you could then as well do: > # dpkg -i <package> > > Gdebi is most useful when used as a normal user like this, and this > is how most users want it to work:: > 1) set gdebi as a default tool for .deb packages on Gnome desktop > 2) download .deb package to desktop > 3) click that .deb packkage using mouse > 4) root password is asked (if not cached already) > 5) gdebi window opens and you can install package. > > I think that if you want to make gdebi use that --always-ask-pass argument, > then do so eg. in Lenny +1. gdebi should now be made work now on Lenny the > same > way it works on Etch. gdebi is useful tool and it would be a shame > if it is broken in Lenny. >
> Actually we can patch gdebi to first use "sudo -K" and then "gksu [...]" That would be overkill for this purpose but I guess there is no harm doing that. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
