[Portland] xdg-su -u option

David Zeuthen david at fubar.dk
Sat Apr 22 18:33:51 EEST 2006 

On Sat, 2006-04-22 at 08:47 -0500, Jeremy White wrote:
> I have a minor feature I want to implement, that is trivial to
> accomplish in Windows or Mac OS X.

Well good for you that said operating systems provide you with
interfaces to do that. I haven't reviewed those mechanisms lately so I
can't say whether they are secure or not. 

But for the free desktops I and others are still working on a secure
replacement called PolicyKit. Patches are welcome.

> But for Linux, to satisfy your moral imperatives, I have to
> install a root daemon process and find an IPC to talk to it.

Jeremy, this is not about moral imperatives, it's about common sense. 

Do you have any idea at all how dangerous it is to run X11 applications
as root? Have you recently reviewed all the toolkits and their image
loaders?

> (Let's see, how do I install the root helper process?  Hmm.  Probably
> need root privs to install that.  Gee, how do I get that
> on all Linux distros reliably? )

Then fix that problem instead. Obviously one solution is to install an
LSB init script that starts your helper.

> To me, xdg-utils is about providing a simple interface to the
> functions that already exist in the Linux desktop so ISVs
> can have a simple way to accomplish things.

No, it does not exist. Sure, some distributions ship silly things to do
what you want, notably Red Hat doesn't (although most people agree
consolehelper is flawed too).

> The Portland Project was started, I thought, to ease the
> pain of a third party ISV trying to write software for
> Linux.  It's not some grand unifying vision, it's not trying
> to provide the be all and end all, it's just trying to make life
> easier for ISVs.

I think making life easier for ISV's is _great_ as you as you don't
encourage behavior that is fundamentally dangerous. 

Including xdg-su is fundamentally flawed (and you seem to agree) and
there are perfectly good and portable ways to obtain what you want
without selling out. 

Hell, people in the community, like myself, are even working on safe
replacements. Whether other projects will use it is of course up to
them.

> Further, we already have a mechanism for xdg-su to fail and provide
> a 'feature not provided'.  So, if what you hope for comes
> to pass, then xdg-su will increasingly return
> 'feature not provided', and it will fall into disuse.
> So there is already a mechanism for the change you crave.

Which renders the feature completely useless in my opinion.

It's not clear to me who is running this Portland project and the page

 http://portland.freedesktop.org/wiki/Portland

doesn't really tell me. If there are members of a technical advisory [1]
board, I'd urge them to come forward and let us know that they will take
my complaint up at their next meeting. Thanks.

    David

[1] : I think the Portland project is way too important to be governed
by the traditional mailing list flame fest because, I, for one, don't
have the time nor the inclination to fight lazy ISV's

More information about the Portland mailing list