Package: menu Version: 2.1.45 Severity: important Tags: patch When you try to open an application like Synaptic, from the menu, the system uses the "su-to-root -X -c <cmd>", to run with privileges, but when the user input a wrong password he is not notified.
Test: $ su-to-root -c ls On text mode the user is prompted to try again. $ su-to-root -X -c ls On X11 mode the user has no idea what is happening. I make some improvements on su-to-root attached here as su-to-root.NEW Now the graphical user will be asked to retry. I also change the i18n strings to make the l10n easier.
su-to-root.NEW
Description: Binary data
14a15,27
> ask_yes_no() {
> if [ "$KDE_FULL_SESSION" = "true" ]; then
> dialog=$(which kdialog)
> test -n "$dialog" && dialog="$dialog --yesno "
> fi
> if test -z "$dialog"; then
> dialog=$(which zenity)
> test -n "$dialog" && dialog="$dialog --question --text="
> fi
> test -z "$dialog" && exit 0 # can't ask, assume yes
> $dialog"$1"
> }
>
43,44c56,58
< COMMAND="$i";;
< -X)
---
> COMMAND="($i) || exit 255" # 255 is also the gksu output for cancel.
> ORIG_CMD=$i;;
> -X)
62,63c76,77
< transl 'About to execute %s.\n' "$COMMAND"
< transl 'This command needs %s privileges to be executed.\n' "$PRIV"
---
> transl 'About to execute %s.' "$ORIG_CMD"; echo
> transl 'This command needs %s privileges to be executed.' "$PRIV"; echo
75,76c89,90
< while ! eval $cmd; do
< transl 'Incorrect password or command failed. Try again? (y/N)'
---
> while ( eval $cmd; [ $? -gt 0 -a $? -lt 255 ] ); do
> transl 'Incorrect password. Try again?'; echo -n ' (y/N)'
106,117c120,136
< gksu) gksu -u "$PRIV" "$COMMAND";;
< gksudo) gksudo -u "$PRIV" "$COMMAND";;
< kdesu) kdesu -u "$PRIV" "$COMMAND";;
< kdesudo) kdesudo -u "$PRIV" "$COMMAND";;
< kde4su) /usr/lib/kde4/libexec/kdesu -u "$PRIV" "$COMMAND";;
< ktsuss) ktsuss -u "$PRIV" "$COMMAND";;
< sux) env SU_TO_ROOT_SU=sux \
< x-terminal-emulator -e su-to-root -p "$PRIV" -c "$COMMAND";;
< # As a last resort, open a new x-terminal-emulator and prompt for the password
< # Do not use -X here!
< *) x-terminal-emulator -e su-to-root -p "$PRIV" -c "$COMMAND";;
< esac;;
---
> gksu) cmd='gksu -u "$PRIV" --description="$ORIG_CMD" "$COMMAND"';;
> gksudo) cmd='gksudo -u "$PRIV"--description="$ORIG_CMD" "$COMMAND"';;
> kdesu) cmd='kdesu -u "$PRIV" "$COMMAND"';;
> kdesudo) cmd='kdesudo -u "$PRIV" "$COMMAND"';;
> kde4su) cmd='/usr/lib/kde4/libexec/kdesu -u "$PRIV" "$COMMAND"';;
> ktsuss) cmd='ktsuss -u "$PRIV" "$COMMAND"';;
> sux) cmd='env SU_TO_ROOT_SU=sux x-terminal-emulator \
> -e su-to-root -p "$PRIV" -c "$COMMAND"';;
> # As a last resort, open a new x-terminal-emulator and prompt for the
> # password. Do not use -X here!
> *) cmd='x-terminal-emulator -e su-to-root -p "$PRIV" -c "$COMMAND"';;
> esac
> while ( eval $cmd; [ $? -gt 0 -a $? -lt 255 ] ); do
> if ! ask_yes_no "$( transl 'Incorrect password. Try again?' )"; then
> exit 2
> fi
> done;;
