> I need it for a small KDE application wich needs to execute some privileged > procecesses (like mount) WITHOUT password promting to the user. The KDE app > itself can't run as root (casue that needs an extra enviroment and i don't > want that) and setuid root is not a good idea cause of the kdelibs (and also > here a root env would be necessary).
some of the previous suggestions (i.e. add the user to sudoers) seem reasonable.. for simple stuff like mount, you can give the user a home in the 'cdrom' and 'disk' groups.. You can also ssh to localhost using key-based authentication.. ssh-keygen -t dsa append ~/.ssh/id_dsa.pub to /root/.ssh/authorized_keys, make sure that sshd allows root logins, and you can run commands as 'ssh root@localhost command' This will have root environment and should be just as easy as having a perl daemon listen on a given port.. if it's an app for multiple distributions / mass distribution, you may want to write multiple methods for doing this into the app and strongly recommend against all but the most secure method.. Hope this is helpful! -Justin
signature.asc
Description: This is a digitally signed message part
