[Portland] xdg-su -u option
david at fubar.dk
Sat Apr 22 18:38:32 EEST 2006
On Sat, 2006-04-22 at 16:06 +0200, Kevin Krammer wrote:
> As far as I can see we would only have one alternative to satisfy both the
> timeframe goal of xdg-utils and the "no su helper" goal: having a fixed set
> of root actions that can be peformed.
> For example instead of doing
> xdg-su -c xdg-menu --install app.desktop
> we would use
> xdg-root-action --install-menu app.desktop
> The advantage is obviously that it can be implemented using su now and some
> IPC later when it becomes available, however the disadvantage is that we will
> have to compile a list of all necessary actions beforehand or at least the
> most important ones.
Yea, I think that looks a lot better. Specifically, since
xdg-root-action is an interface, OS vendors may replace it with their
own code that uses native security features of the OS such as SELinux
> Since we are not actually flooded with feedback, I guess it will be quite
> unlikely that we will get a good list soon enough.
Well, we can hit the most common cases and, as I pointed out elsewhere,
if an ISV needs root privileges to do something there are other ways
though he needs to be less lazy.
> From my point of view (2) is the main goal of the Portland project, however
> xdg-utils is about delivering a working solution ASAP, not necessarily the
> most beautiful/powerful solution.
Timing is important, but it's never ever an excuse to shipping software
that we know is fundamentally insecure.
More information about the Portland