kdesu default super-user-command

Thomas Friedrichsmeier thomas.friedrichsmeier at ruhr-uni-bochum.de
Thu Nov 22 18:45:47 GMT 2007


On Thursday 22 November 2007, Oswald Buddenhagen wrote:
> On Thu, Nov 22, 2007 at 07:35:29PM +0100, Thomas Friedrichsmeier wrote:
> > On su vs. sudo: Note that kdesu - in it's current implementation - pretty
> > much defies the entire logic behind sudo (except for that you don't need
> > the root but your own password). That's because internally the command
> > that is run is always "kdesu_stub", which then calls the real command.
> > So, with kdesu it's the same all or nothing you get with su, modulo the
> > password needed to access it.
>
> errm, no. in sudo you can also specify which command line arguments to
> permit.

Yeah, except the "real" command is written to kdesu_stub's stdin, not passed 
as a command-line option. I don't think sudo can handle *that*.

> > (But that's the problem with sudo, anyway, in practice, no? Defining
> > what exactly a user may do with admin-priviledges. May work ok for
> > starting/stopping some daemons,
>
> RTFM ;)
>
> > but what if you want to install something?)
>
> if you allow *that*, you can allow anything.

Exactly. But that happens to be my primary usecase for kdesu.

Regards
Thomas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20071122/cdf8e4d8/attachment.sig>


More information about the kde-core-devel mailing list