On Sat, 2012-06-16 at 16:24 +0300, Jussi Lahtinen wrote:
> > No, xdg-su is no longer part of xdg-utils.
> >
> 
> Do you know reason for this?

No, I just look at the latest releases.
> 
> 
> 
> > I have not used the xdg-su script for privilege escalation, but a quick
> > (and I mean quick!) look through it as it stands is not going to be a
> > great success.
> >
> 
> Privilege escalation means exploitation, not use of an intentionally
> implemented feature to gain higher privileges.
> http://en.wikipedia.org/wiki/Privilege_escalation
> 

Yes, but when I was young it meant the latter. :-)  (That was before
"bad" hackers made their appearance on the planet.  They've even stolen
our language, sheesh!)

> 
> 
> > The fact is, there isn't and one of the major reasons is the old ongoing
> > su/sudo argument and how certain distros implement their own policies
> > regarding this.  (I don't intend on pursuing that argument further here)
> >
> 
> Is there some desktop distro without graphical sudo!?
> 
As far as I know, at least CentOS doesn't have a graphical authorisation
utility for sudo.

> 
> 
> 
> 
> > GKSU/GKSUDO
> > Pro: Easy to use, can handle complex command strings*, easy to configure
> > the authorisation gui to suit
> > Con: There are some security issues, the major one to me is that it
> > escalates the current user's privilege, not the current process.
> 
> 
> Not true if you use gksudo or gksu with -c.
> 
As far as I know, on some Mandriva-related distros with GNOME desktops
installed, it still bumps the user privileges even if -c is used.

> 
> 
> > Even more of an issue is that the escalation actually remains in force for a
> > period of time after the gksu command is finished.
> >
> 
> It is applied only if next commands are used also with sudo/etc.
> Also this time is fully configurable, and if you want you can force it to
> stop immediately with "sudo -k".
> 
Hmm. I have seen gksu (not gksudo) run in a terminal to do something and
then followed by a privileged command that was not denied.  Again, this
was on a Mandriva-derived distro.
e.g. 
$ gksu whoami
/root
$ ifconfig ...

> 
> > * a complex command string being something like
> > 'cd /home/blah/blah;echo pwd; make install; echo "Success!"'
> >
> 
> I think you mean 'cd /home/blah/blah;echo pwd; make install && echo
> "Success!"'.
>  ;)
> 
Probably, but around here we do not accept failure :-)

> 
> Jussi

