[kde-linux] KDESu: possible issue

[Duncan]

James Tyrer posted on Mon, 26 Apr 2010 14:15:18 -0700 as excerpted:

> When I run KDESU from a Konsole, I get this message:
> 
> startApp: Daemon not safe (not sgid), not using it
> 
> Is there some file that needs the permissions changed?

What are the permissions on your kdesu executable?  It's a daemon, in that 
it remains running in the background, storing the password for some 
minutes after you run it, so you don't have to enter them again if you run 
it repeatedly.

FWIW, kdesu is not SETUID/SETGID here at all.  It's only 0755 perms.  I'm 
**GUESSING** that it might check to see if it's SETUID, and refuse to run 
if it's not SETGID also.

(While I can run kdesu, my normal kde user isn't normally in the wheel 
group necessary to successfully su, so when kdesu invokes su, it fails PAM 
authentication, no matter what I put in.  I did just vigr and vigr -s, 
adding the user to wheel temporarily, and it works just fine -- I ran 
kdesu konsole and got a root konsole just fine.  So kdesu doesn't need to 
be SETUID/SETGID at all and isn't here -- it's su itself that should be 
SETUID, as mine is.  (It's not SETGID either, tho.))

Note that there's all sorts of shadow and pam related options apply to su 
as well.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman