PolicyKit + KDE
Alexander Neundorf
neundorf at kde.org
Thu Sep 3 17:27:44 BST 2009
On Thursday 03 September 2009, Aaron J. Seigo wrote:
> On September 2, 2009, John Tapsell wrote:
> > running "kdesu kill PID". The PolicyKit 'problem' sorta takes
> > ksysguard back a step, in that before ksysguard could reliably kill a
> > root process but now it can't without someone manually copying policy
> > files around.
>
> and takes it a step forward by letting the system (or sys admin) let
> certain users do so without having access to root or access to other root
> privileges.
Isn't that similar to what you can do with /etc/sudorc ?
I don't really see the difference between granting a user the permission to
execute a process as root (e.g. via sudo) and granting a user the permission
to tell some other process (PK ?) which has root permissions to do something,
relying on dbus and policykit (two not too tiny software packages) ?
Where is the improvement ?
Doesn't that mean that when before sudo had to be secure, now dbus and
policykit have to be secure (probably much more LOC) ?
Alex
More information about the kde-core-devel
mailing list