Happier with kdesudo

Kevin Chadwick ma1l1ists at yahoo.co.uk
Fri Jan 11 21:11:16 GMT 2013 

Thankyou for all the info, you have been very helpful. Much more than
these lists that can't even tell me if switching to kdesudo is
possible. I assume because it isn't?

> This is the one that opened /my/ eyes.
> http://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-
> gui-isolation.html
>

Well actually that link is slightly misleading, yes they can access
keystrokes assuming it is not grabbed and yes that is poor protection
but if you use sudoers and make changes to sudoers after a fresh boot
up or closed browser then there is no password to sniff.

 
> And if you might as well be running everything in superuser mode, why not 
> just do your X login as root in the first place?
> 

That is not true as there is still memory protection. You could just
as easily state and with more credence that if someone has access to one
X app then they can find an escalation to root. It does apply to kdesu
which requires a password however and Xapps will offer softer targets
such as rawio access for video drivers to use.

> Ideally, you only do superuser tasks from a non-X VT, or
> alternatively, have a dedicated superuser X login, where EVERYTHING's
> running as superuser and you know it, so you don't access the net from
> it or anything, only do superuser stuff in it. 

I have various systems of varying lock downs. The least locked down
online system does follow best practice of a seperate non-X VT console
only admin but the admin is still restricted by sudo and with autologin
enabled to reduce password entry. More locked down systems run X as
it's own user with rawio disabled and have polkit disabled.

I also have offline systems that I like to run things via kdesudo and I
simply wish to know if I can continue without learning more about
configuring the inferior polkit and keeping track of it's ever
changing poorly documented and often in fact course fitting permissions?

I sincerely hope there will not be a time when linux desktops will be
as useless as Windows without scripts and RPC and an API that needs
it's own library.

 Looking at the KDE lists it is the misunderstanding of sudo acting as
 su which is the driver and it would be far better and more secure if
 what polkit did followed the unix philosophy of many small tools and
 having the bonus of being more accessible to users and so continuing
 the power of unix rather than undescriptive source and api.

There are alternatives for everything I can think of that work with
sudo.

-- 
_______________________________________________________________________

'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle text streams, because that is a
universal interface'

(Doug McIlroy)
_______________________________________________________________________
___________________________________________________
This message is from the kde mailing list.
Account management:  https://mail.kde.org/mailman/listinfo/kde.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.

More information about the kde mailing list